Javascript Engineer (IV-V)

Please note: Due to high application volume, we’re unable to respond to messages or accept resumes sent through email or other platforms. Please apply through this page only!

About Confiant

Confiant is cybersecurity built for advertising. We secure the ad economy from the inside out, providing real-time intelligence and precise controls that detect and block malvertising, scams, disruptive creatives, and compliance risks before they reach users. By disrupting the business models of bad actors, Confiant empowers digital media to enforce standards, ensure quality, and uphold trust across the ad economy. We protect what matters most — revenue, reputation, and relationships — securing the foundation that allows good advertising to thrive.

About The Team

We are a small but growing engineering team focused on high standards, collaboration, continuous improvement, and end-to-end ownership. Our rapidly evolving tech stack powers large-scale ETL systems, APIs, embedded systems, and SDKs that process tens of millions of transactions daily for leading AdTech companies. The Engineering team partners closely with security researchers to turn threat intelligence into SDK-level detections and partner with Core engineering team to ensure seamless backend integration. Engineers own the full lifecycle of problem-solving—from design and implementation to customer impact and operational support.

We are a 100% virtual company, and all our team members work from home worldwide. We support optional monthly gatherings in New York City (our original home) and quarterly on-sites in various locations across the world in order to maintain the human connection and trust required to be a high-performing organization.

Role Overview

We are seeking an experienced JavaScript Engineer to be part of the team that owns and evolves the core client-side SDK that sits at the heart of Confiant's malvertising detection and blocking technology. This is a deeply technical, specialized role focused on building and maintaining a high-performance JavaScript SDK that is embedded across a wide network of publisher and ad platform integrations.

You will be engineering the invisible — precise, performant, and resilient JavaScript that executes in real-time within ad environments to detect and neutralize threats before they reach end users.

The ideal candidate has a genuine passion for the craft of JavaScript at a systems level: understanding the browser runtime deeply, obsessing over payload size and execution cost, and building SDK distribution and versioning strategies that scale cleanly across a large, diverse customer base.

Key Responsibilities

• Co-own the design, development, and ongoing maintenance of Confiant's client-side JavaScript SDK with your teammates

• Build and optimize SDK internals for maximum runtime performance — minimizing execution time, memory footprint, and impact on page load across diverse publisher environments

• Develop robust SDK versioning, deployment, and distribution strategies that allow seamless rollouts and updates across a large, heterogeneous customer base

• Translate security threat intelligence (e.g., new malvertising techniques, ad injection patterns) into SDK-level detection and blocking logic

• Instrument the SDK for observability — ensuring signals, errors, and detection events are surfaced reliably back to Confiant's backend systems

• Collaborate with the security research team to stay ahead of evolving malvertiser methods and rapidly prototype new detection heuristics

• Conduct rigorous performance profiling, benchmarking, and regression testing to ensure SDK changes never degrade customer experience

• Establish and champion SDK engineering best practices including testing strategies, documentation standards, and release processes

• Debug complex, time-sensitive production issues occurring within live ad environments across a wide range of browsers and platforms

Experience & Qualifications

• Expert-level JavaScript (ES6+) with deep knowledge of browser internals — the event loop, memory model, garbage collection, and execution context

• Strong understanding of how JavaScript executes within third-party and sandboxed environments (iframes, ad slots, cross-origin contexts)

• Proven experience building, shipping, and maintaining JavaScript SDKs or embeddable scripts at production scale

• Demonstrated ability to optimize for performance: bundle size, parse time, runtime efficiency, and network impact

• Experience with SDK distribution patterns — versioning strategies, CDN delivery, backward compatibility, and graceful degradation

• Proficiency with modern JavaScript tooling: bundlers (Webpack, Rollup, esbuild), transpilers (Babel/SWC), and testing frameworks (Jest, Playwright, or similar)

• Deep familiarity with browser security models, including same-origin policy, CSP, and cross-origin isolation

Nice to Have

• Experience in AdTech, including familiarity with ad serving infrastructure, tag management, or programmatic advertising concepts

• Background in security engineering, threat detection, or malware analysis

• Experience instrumenting client-side SDKs for telemetry and observability

• Familiarity with browser automation tools (e.g., Puppeteer, Playwright) for testing ad environments

Leveling

• Engineer IV (Staff): 6+ years of experience, with a track record of leading the technical direction of a library or SDK product. Comfortable operating as a force multiplier across the engineering team and interfacing effectively with product stakeholders.

• Engineer V (Staff): Minimum of 8+ years of experience and significant maturity solving complex problems across various technical domains, communicating with/through Product and being a force multiplier for your engineering team as well as proven experience in setting engineering practices and principles within a working environment.

Benefits

• Fully Remote

• Unlimited Paid Time Off

• Sabbatical

• Stock Option Plan

• Exceptional Health Care Plans (Medical, Dental & Vision)

• FSA & Commuter Benefits

• Employee Sponsored Disability & Life Insurance

• 401(k) Plan with Automatic Employer Contribution

• Enhanced and Extended Family Leave

• Learning & Development Budget

• Yearly Office Supply Stipend

• Free Global Co-Working Membership

Confiant may use artificial intelligence (AI) and machine learning (ML) technologies, including natural language processing and predictive analytics, to assist in the initial screening of employment applications. These AI/ML tools assess applications against the characteristics and qualifications relevant to the job requisition. These tools are designed to help identify potentially qualified candidates, but they do not make automated hiring decisions. The AI/ML-generated assessments are one of several factors considered in the hiring process. Our human recruiters thoroughly evaluate your skills and qualifications to determine your suitability for the role.

If you are a New York City resident, you have a right to take at least 10 business days to decide whether to proceed with submitting your information through this process. By continuing, you confirm your understanding of this notice. If you choose to proceed before the 10-business-day period expires, you are making a knowing and voluntary decision to do so.