Javascript Engineer (IV-V)

Confiant•New York, NY

2d•Remote

About The Position

Confiant is a cybersecurity company focused on the advertising industry, aiming to secure the ad economy by detecting and blocking malvertising, scams, disruptive creatives, and compliance risks. They provide real-time intelligence and controls to protect revenue, reputation, and relationships. The engineering team is collaborative, focused on continuous improvement, and owns the full lifecycle of problem-solving. The company is 100% virtual, with optional in-person gatherings. This role specifically involves owning and evolving the core client-side SDK, a high-performance JavaScript component embedded across a wide network of publisher and ad platform integrations. The engineer will focus on building precise, performant, and resilient JavaScript that operates in real-time within ad environments to detect and neutralize threats before they reach end-users. The ideal candidate has a deep understanding of JavaScript at a systems level, the browser runtime, payload size, execution cost, and SDK distribution strategies.

Requirements

Expert-level JavaScript (ES6+) with deep knowledge of browser internals — the event loop, memory model, garbage collection, and execution context
Strong understanding of how JavaScript executes within third-party and sandboxed environments (iframes, ad slots, cross-origin contexts)
Proven experience building, shipping, and maintaining JavaScript SDKs or embeddable scripts at production scale
Demonstrated ability to optimize for performance: bundle size, parse time, runtime efficiency, and network impact
Experience with SDK distribution patterns — versioning strategies, CDN delivery, backward compatibility, and graceful degradation
Proficiency with modern JavaScript tooling: bundlers (Webpack, Rollup, esbuild), transpilers (Babel/SWC), and testing frameworks (Jest, Playwright, or similar)
Deep familiarity with browser security models, including same-origin policy, CSP, and cross-origin isolation

Nice To Haves

Experience in AdTech, including familiarity with ad serving infrastructure, tag management, or programmatic advertising concepts
Background in security engineering, threat detection, or malware analysis
Experience instrumenting client-side SDKs for telemetry and observability
Familiarity with browser automation tools (e.g., Puppeteer, Playwright) for testing ad environments

Responsibilities

Co-own the design, development, and ongoing maintenance of Confiant's client-side JavaScript SDK with your teammates
Build and optimize SDK internals for maximum runtime performance — minimizing execution time, memory footprint, and impact on page load across diverse publisher environments
Develop robust SDK versioning, deployment, and distribution strategies that allow seamless rollouts and updates across a large, heterogeneous customer base
Translate security threat intelligence (e.g., new malvertising techniques, ad injection patterns) into SDK-level detection and blocking logic
Instrument the SDK for observability — ensuring signals, errors, and detection events are surfaced reliably back to Confiant's backend systems
Collaborate with the security research team to stay ahead of evolving malvertiser methods and rapidly prototype new detection heuristics
Conduct rigorous performance profiling, benchmarking, and regression testing to ensure SDK changes never degrade customer experience
Establish and champion SDK engineering best practices including testing strategies, documentation standards, and release processes
Debug complex, time-sensitive production issues occurring within live ad environments across a wide range of browsers and platforms