Sr. Software Engineer (Frontend) - Extensions Team

 Posted 2 hours ago
     
5-10 years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

Own and scale the cross-browser extension for managing credentials, focusing on quality, performance, and security. Lead a security-first engineering culture while integrating AI-assisted tools into the development workflow.

OVERVIEW & IMPACT

At Cerby, software engineers are at the heart of driving technology and product innovation. As a Senior Software Engineer on the Extension team, you will own and scale the browser extension at the core of Cerby's platform — the surface where users manage application passwords, autofill and inject credentials across the sites they use every day, and authenticate through passkeys and federated identity providers. The extension is a cross-browser Manifest V3 product shipping to Chrome, Edge, Firefox, and Safari, backed by service-worker-driven background synchronization, secure session lifecycle management.

In this role you will own the quality, performance, and security of the extension end-to-end, help lead a security-first engineering culture, and sharpen a product experience that our users' most sensitive credential interactions depend on. Because the extension injects UI into pages we don't control and brokers our users' most sensitive data, security is not a phase of the work — it is the work. You are also expected to embrace AI as a core part of how we build, actively exploring and incorporating AI-assisted tools and practices into your daily development workflow to improve team efficiency and accelerate impact.


KEY RESPONSIBILITIES

  • Design and Develop: Build scalable, high-performance software solutions that align with business goals and user needs, leveraging AI-assisted tools and techniques as part of your engineering practice.
  • Collaborate: Work closely with product managers, engineering managers, UX designers, and other engineers to deliver high-quality features and functionality.
  • Code Excellence: Write clean, maintainable, and efficient code, adhering to best practices and coding standards. Help define and promote best practices across the engineering org, including how AI tools can be responsibly and effectively integrated into development workflows.
  • Continuous Improvement: Participate in code reviews, share knowledge with team members, and continuously improve development processes.
  • Innovation and Curiosity: Champion new technologies, frameworks, and methodologies that drive innovation and product evolution, while continuously exploring ways to leverage AI in your day-to-day work to boost personal efficiency and empower those around you to do the same.
  • Security Mindset: Actively contribute to our security-first approach by proactively identifying vulnerabilities and implementing robust solutions, including treating the frontend dependency ecosystem as a security surface: owning PNPM workspace governance, auditing packages for CVEs, enforcing patching SLAs, and managing supply-chain risk across transitive dependencies. Applies the same critical lens to how AI tools are adopted in development workflows, evaluating their security implications and ensuring they don’t introduce new vectors for risk.
  • Remote Collaboration: Collaborate effectively in a remote-first environment, ensuring seamless communication and teamwork across time zones.
  • Culture: Demonstrates leadership and lives Cerby’s core values to achieve positive outcomes. Help cultivate an environment where experimenting with AI is encouraged, learnings are shared openly, and the team grows together.
  • Problem-Solving: Strong analytical and problem-solving skills with a focus on delivering high-quality solutions.
  • Communication Skills: Ability to communicate complex technical concepts clearly and concisely both in written and verbal form
  • Team Collaboration: Collaborate and thrive in agile teams, actively mentoring engineers, sharing knowledge across the org, and leveraging AI to accelerate documentation (runbooks, ADRs, onboarding guides, post-mortems) to free more time for the deep technical conversations that actually transfer expertise.


QUALIFICATIONS & REQUIRED SKILLS

  • Experience:
    • 5+ years of professional software engineering experience, with a focus on building and scaling SaaS applications.
    • Prior experience developing and maintaining Distributed Applications
    • Previous experience mentoring junior developers and conducting security-first code reviews
  • Technical Expertise:
    • Manifest V3 service-worker model: ephemeral execution and state persistence across termination (chrome.alarms, keep-alive), plus the distributed-system concerns that come with it — cross-tab coordination, background sync, and token-refresh/session races.
    • Content scripts and injection into untrusted pages: isolated-world vs MAIN-world execution, Shadow DOM isolation, and MutationObserver-based DOM resilience.
    • Message passing across content scripts, service worker, popup/side panel, and offscreen documents, with sender/origin validation as a security boundary.
    • Cross-browser delivery to Chrome, Edge, Firefox, and Safari: API divergence (chrome.* vs browser.*), MV2/MV3 differences, Safari packaging, and per-store review/release (staged rollout, rollback, remote-code ban).
    • Native messaging with native host applications, plus extension-specific performance (service-worker cold-start, bundle size, content-script efficiency).
  • Proficiency in:
    • Strong React + TypeScript with utility-first CSS (e.g., TailwindCSS), building UI across extension surfaces (popup, options, side panel, in-page) that is responsive, accessible (WCAG/ARIA), and reusable via a design system.
    • Core frontend and browser fundamentals: browser API, client-side storage (localStorage, IndexedDB, chrome.storage), networking (fetch/XHR), and performance optimization.
    • Designing, consuming, and optimizing REST APIs with efficient data-fetching and caching (e.g., TanStack Query).
    • Front-end security: mitigating XSS, CSRF, and CORS, and applying CSP, including the extension's own CSP model.
    • Modern authentication and identity: OAuth 2.0 / OIDC, SAML, SCIM, and WebAuthn / FIDO2 / passkeys; prior IAM or security experience.
    • Testing (unit, integration, component) and observability (metrics, traces, logs; OpenTelemetry/Datadog a plus), owning delivery end-to-end from design to production in an Agile/CI-CD environment.
  • Nice to have:
    • Experience working with security compliance frameworks (SOC 2, GDPR, HIPPA, etc.)
    • Familiarity with encryption processes and key management. 
    • Prior experience in a venture funded high-growth SaaS startup preferred.


DESIRED QUALITIES

  • Resourceful Achiever: Self-motivated, proactive, and adaptable in solving complex technical challenges.
  • Product Minded: Strong ability to understand customer value, to translate customer needs into software products that deliver tangible customer value.
  • Precision Executor: Focused on optimizing performance, scalability, and reliability in software delivery.
  • Team Player: Strong interpersonal skills, fostering a culture of collaboration and shared success. Actively mentor other engineers.
  • Lifelong Learner: A continuous curiosity to learn and explore emerging technologies and industry trends.
  • Innovative Thinker: Open to creative solutions, and comfortable navigating ambiguity.

Similar Jobs

See all Remote Software Development jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Software Engineer

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified