Requirements and responsibilities
About ConfiantConfiant is cybersecurity built for advertising. We secure the ad economy from the inside out, providing real-time intelligence and precise controls that detect and block malvertising, scams, disruptive creatives, and compliance risks before they reach users. By disrupting the business models of bad actors, Confiant empowers digital media to enforce standards, ensure quality, and uphold trust across the ad economy. We protect what matters most — revenue, reputation, and relationships — securing the foundation that allows good advertising to thrive.About The TeamWe are a small but growing engineering team focused on high standards, collaboration, continuous improvement, and end-to-end ownership. Our rapidly evolving tech stack powers large-scale ETL systems, APIs, embedded systems, and SDKs that process tens of millions of transactions daily for leading AdTech companies. The Engineering team partners closely with security researchers to turn threat intelligence into SDK-level detections and partner with Core engineering team to ensure seamless backend integration. Engineers own the full lifecycle of problem-solving—from design and implementation to customer impact and operational support.We are a 100% virtual company, and all our team members work from home worldwide. We support optional monthly gatherings in New York City (our original home) and quarterly on-sites in various locations across the world in order to maintain the human connection and trust required to be a high-performing organization.Role OverviewWe are seeking an experienced JavaScript Engineer to be part of the team that owns and evolves the core client-side SDK that sits at the heart of Confiant's malvertising detection and blocking technology. This is a deeply technical, specialized role focused on building and maintaining a high-performance JavaScript SDK that is embedded across a wide network of publisher and ad platform integrations.You will be engineering the invisible — precise, performant, and resilient JavaScript that executes in real-time within ad environments to detect and neutralize threats before they reach end users.The ideal candidate has a genuine passion for the craft of JavaScript at a systems level: understanding the browser runtime deeply, obsessing over payload size and execution cost, and building SDK distribution and versioning strategies that scale cleanly across a large, diverse customer base.Key ResponsibilitiesCo-own the design, development, and ongoing maintenance of Confiant's client-side JavaScript SDK with your teammatesBuild and optimize SDK internals for maximum runtime performance — minimizing execution time, memory footprint, and impact on page load across diverse publisher environmentsDevelop robust SDK versioning, deployment, and distribution strategies that allow seamless rollouts and updates across a large, heterogeneous customer baseTranslate security threat intelligence (e.g., new malvertising techniques, ad injection patterns) into SDK-level detection and blocking logicInstrument the SDK for observability — ensuring signals, errors, and detection events are surfaced reliably back to Confiant's backend systemsCollaborate with the security research team to stay ahead of evolving malvertiser methods and rapidly prototype new detection heuristicsConduct rigorous performance profiling, benchmarking, and regression testing to ensure SDK changes never degrade customer experienceEstablish and champion SDK engineering best practices including testing strategies, documentation standards, and release processesDebug complex, time-sensitive production issues occurring within live ad environments across a wide range of browsers and platformsExperience & QualificationsExpert-level JavaScript (ES6+) with deep knowledge of browser internals — the event loop, memory model, garbage collection, and execution contextStrong understanding of how JavaScript executes within third-party and sandboxed environments (iframes, ad slots, cross-origin contexts)Proven experience building, shipping, and maintaining JavaScript SDKs or embeddable scripts at production scaleDemonstrated ability to optimize for performance: bundle size, parse time, runtime efficiency, and network impactExperience with SDK distribution patterns — versioning strategies, CDN delivery, backward compatibility, and graceful degradationProficiency with modern JavaScript tooling: bundlers (Webpack, Rollup, esbuild), transpilers (Babel/SWC), and testing frameworks (Jest, Playwright, or similar)Deep familiarity with browser security models, including same-origin policy, CSP, and cross-origin isolationNice to HaveExperience in AdTech, including familiarity with ad serving infrastructure, tag management, or programmatic advertising conceptsBackground in security engineering, threat detection, or malware analysisExperience instrumenting client-side SDKs for telemetry and observabilityFamiliarity with browser automation tools (e.g., Puppeteer, Playwright) for testing ad environmentsLevelingEngineer IV (Staff): 6+ years of experience, with a track record of leading the technical direction of a library or SDK product. Comfortable operating as a force multiplier across the engineering team and interfacing effectively with product stakeholders.Engineer V (Staff): Minimum of 8+ years of experience and significant maturity solving complex problems across various technical domains, communicating with/through Product and being a force multiplier for your engineering team as well as proven experience in setting engineering practices and principles within a working environment.BenefitsFully RemoteUnlimited Paid Time OffSabbaticalStock Option PlanExceptional Health Care Plans (Medical, Dental & Vision)FSA & Commuter BenefitsEmployee Sponsored Disability & Life Insurance401(k) Plan with Automatic Employer ContributionEnhanced and Extended Family LeaveLearning & Development BudgetYearly Office Supply StipendFree Global Co-Working Membership
Optionally, you can add more information later (benefits, pre-screening questions, etc.)