Instructional Design

Learning & Development

Higher Ed

K-12

Sales

Customer Success

Product Development

Software Engineering

Academic Advising

Marketing

Fully Remote

All Jobs

Companies
About Post a job
Existing employer? Sign in
edtech.com
Chess.com logo

Chess.com

Security Engineer

🇺🇸 Remote - US

🕑 Full-Time

💰 TBD

💻 Cybersecurity

🗓️ May 22nd, 2025

Python SIEM

Edtech.com's Summary

Chess.com is hiring a Security Engineer. This role involves triaging, reproducing, and assessing vulnerabilities through the Bug Bounty Program and collaborating with the engineering teams to ensure security designs adhere to industry standards. The Security Engineer will also be responsible for reviewing penetration testing results, updating security systems, evaluating security software, and acting as a security expert and advocate within the organization. 

Highlights 
  • Triage and assess vulnerabilities in collaboration with engineering teams.
  • Perform threat modeling and ensure designs adhere to security standards.
  • Review penetration test results and manage security tasks using Jira.
  • Use and evaluate security software, leading product demos and implementation.
  • Guidance and advocacy for best security practices in Slack and Zoom.
  • 3+ years experience in web application security.
  • Familiarity with Burp Suite or similar tools.
  • Proficiency in Python, PHP, or JavaScript.
  • Compensation details not provided; full-time, remote position open globally.
  • Friendly with collaboration tools like Slack and committed to continuous learning.

Security Engineer Full Description

Security Engineer
Engineering
Remote

About Us
Chess.com is one of the largest gaming sites in the world and the #1 platform for playing, learning, and enjoying chess.

We are a team of 600+ fully remote people in 60+ countries working hard to serve the global chess community. We are here to support 185M+ chess players worldwide with the best possible product, content, and tools to serve the community!

We are a tech company. A gaming company. A content company. And we do it all with passion and commitment to the game. Above all we prize our mission-driven, flat, life-celebrating, no-corporate culture, and we look forward to meeting you and learning more about what you can bring to the team.

About You
You are experienced, resourceful, and tactical in your abilities to identify, own, and solve problems. You have experience in cybersecurity and expert-level quick-thinking abilities to foresee issues before they arise.  You are humble and both a learner and a teacher, depending on the situation. You are comfortable in a remote-first environment, communicating in a kind and professional manner via slack, and frequently posting updates in public channels keeping everyone aware of your efforts and progress. You have a strong desire to turn your talents towards chess!

What you'll do
  • Triage, reproduce, and assess vulnerabilities submitted through the Bug Bounty Program, and work with the Engineering Teams to close the discovered gaps.
  • Work closely with the Engineering Teams to perform Threat Models of their solutions, acting as a security advisor when appropriate, and ensuring designs are vetted and adhering to security industry standards.
  • Review Penetration Testing results and SIEM reports. Translate the findings into actionable tasks in Jira and track them to completion.  
  • Apply updates to the WAF and various other security systems where applicable, and/or support the Engineering Teams to address findings.
  • Evaluate security software and systems used by the company.  Attend product demos to help determine the best solution for our company. Lead these efforts from beginning to end.
  • Act as a security expert, guiding developers and projects to ensure security best practices.
  • Be a security advocate in Slack and Zoom meetings.  Proactively joining slack conversations to represent Security and provide guidance.  We rely heavily on Slack for communications, so you should be comfortable with that, and a very active contributor within the Slack workspace.

Preferred Skills
  • 3+ years professional experience in web application security
  • Strong written communication skills in English
  • Familiarity with Burp Suite or similar tools for viewing and tampering with web requests
  • Prior experience with a Bug Bounty program is a plus
  • Experience in Python, PHP or JS
  • Strong collaboration and communication skills working in a fully distributed team primarily using Slack and some Zoom meetings
  • Programmer mindset.  We prefer to automate software that defends our systems.
  • Sense of ownership and responsibility
  • Chess player
  • Lifelong learner

About the Opportunity
  • This is a full-time opportunity
  • We are 100% remote (work from anywhere!)
  • This role is open to candidates from anywhere!
---
You can learn more about us here:

Similar Jobs

Information Security Compliance Manager

University of North Carolina - Charlotte

🇺🇸 Charlotte, NC

Information Security Systems Analyst

Bright Horizons

🇺🇸 Remote - US

IT Security Analyst, Associate

Purdue University

🇺🇸 Remote - US

Cybersecurity Risk Analyst I

University of Florida

🇺🇸 Gainesville, FL

IT Cybersecurity & Compliance Specialist

North Carolina State University

🇺🇸 Asheville, NC