Grammarly is excited to offer a remote-first hybrid working model. Team members can work primarily remotely in the United States, Canada, Ukraine, Germany, Poland, or Portugal. Conditions permitting, teams will meet in person a few weeks every quarter at one of Grammarly's hubs in San Francisco, Kyiv, New York, Vancouver, and Berlin, or in a workspace in Kraków.
We believe this balanced, flexible approach gives our team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust, unlocks creativity, and further fuels innovation.
Grammarly team members who will be collaborating in Berlin must be based in Germany, Ukraine, Poland, or Portugal.
Every day, tens of millions of people and 50,000 professional teams rely on Grammarly’s AI-enabled communication assistance to help them communicate confidently and achieve their goals. Our team members have the autonomy to take on exciting challenges in pursuit of our mission to improve lives by improving communication. Together, we’re building on more than a decade of steady growth and profitability. We’re defining the communication assistance category for individuals, enterprises, and developers with tailored service offerings: Grammarly Premium, Grammarly Business, Grammarly for Education, and Grammarly for Developers. All of this begins with our team collaborating in an inclusive, values-driven, and learning-oriented environment.
User trust is at the heart of everything that we do. To achieve our ambitious goals, we’re looking for a Security Engineer, Application Security to join the Grammarly Security team. This person will have a substantial impact on maintaining the trust of the millions of users who rely on Grammarly product offerings every day. They will drive security improvements across the entire stack, from the UI, to the back-end, to the underlying server infrastructure.
Grammarly’s security engineers have the freedom to develop practical solutions that, in turn, influence our security culture. The engineering landscape at Grammarly is complex, as we create innovative product offerings, expand to new platforms, and scale underlying cloud systems—all while strengthening and expanding our global team. Read more about our stack or hear from our team on our technical blog.
As Security Engineer, Application Security, you will:
- Deep dive into our services and product offerings to review the security of the design and implementation of our applications.
- Perform black-box and white-box penetration testing of different product offerings and web services.
- Research and deploy the latest security assurance tools to identify and prevent security risks within CI/CD pipelines.
- Work with the product development teams, raising security awareness and offering expertise to keep our products protected against known and unknown vulnerabilities.
- Identify root cause findings from the external security community through our bug bounty program.
- Represent Grammarly’s security engineering team both within and outside of the company.
We’re looking for someone who
- Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
- Is able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub where the team is based.
- Is a security practitioner with a proven record of security-focused technical contributions in application security, secure development, and penetration testing.
- Builds strong relationships with peers across the company to evangelize a security culture.
- Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.
- Identifies impactful and practical solutions for security, from low-hanging fruit to long-term investments.
Support for you, professionally and personally
- Professional growth: We believe that autonomy and trust are key to empowering our team members to do their best, most innovative work in a way that aligns with their interests, talents, and well-being. We also support professional development and advancement with training, coaching, and regular feedback.
- A connected team: Grammarly builds a product that helps people connect, and we apply this mindset to our own team. Our remote-first hybrid model enables a highly collaborative culture supported by our EAGER (ethical, adaptable, gritty, empathetic, and remarkable) values. We work to foster belonging among team members in a variety of ways. This includes our employee resource groups, Grammarly Circles, which promote connection among those with shared identities including BIPOC and LGBTQIA+ team members, women, and parents. We also celebrate our colleagues and accomplishments with global, local, and team-specific programs.
- Comprehensive benefits: Grammarly offers all team members competitive pay along with a benefits package encompassing life care (including mental health care and risk benefits) and ample and defined time off. We also offer support to set up a home office, wellness and pet care stipends, learning and development opportunities, and more. Note that benefits may differ by location.
We encourage you to apply
At Grammarly, we value our differences, and we encourage all to apply. Grammarly is an equal opportunity company. We do not discriminate on the basis of race or ethnic origin, religion or belief, gender, disability, sexual identity, or age.
For more details about the personal data Grammarly collects during the recruitment process, for what purposes, and how you can address your rights, please see the Grammarly Data Privacy Notice for Candidates here.
Please note that Grammarly’s COVID-19 vaccination policy requires that all team members in North America be vaccinated against COVID-19 to meet in person for Grammarly business or to work from a North America hub location. It is expected that this will be a requirement for this role. Qualified candidates in North America who cannot be vaccinated for medical reasons or because of a sincerely held religious belief may request a reasonable accommodation to this policy. For Europe, this policy requires team members to be vaccinated or produce a daily negative COVID-19 test administered on-site to work from the hub or attend in-person meetings.