Senior Security Researcher - Applications - Canada/Colombia/US 100% Remote

Sonatype via Stack Overflow
Other

Nov 20th 2018


The Senior Security Researcher will investigate and analyze vulnerabilities in open-source software. Sonatype is looking for a passionate, driven and talented developer to provide high-quality security data from researching software vulnerabilities.  This is not a development position but relies on development experience to help navigate complex architectures and threat vectors in open source software. This high-quality security data ensures that our customers are getting maximum value out of our products making them feel like they are part of the Sonatype family.   If you are a positive-thinker and problem-solver and believe that customer success and company success go hand-in-hand, this is a great job for you. This position will provide a valuable learning opportunity with the great potential to grow your newly started career in cyber-security. Enjoy your job as you work in a fast-paced, flexible, and fun environment, with talented, diverse, and forward-thinking individuals. Key Areas of Focus

  • Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software
  • Document attack capabilitiesProvide detection and remediation guidance
  • Aid in ideas and prototypes for new tooling
  • Collaborate with other team members toward shared product goals
  • Improve Sonatype products by providing valuable security data
  • Work with technology and business team members to define and refine requirements in an agile development environment

Required Background

  • 5+ years of experience in application security or development experience in Java, C#, Python, JavaScript, C/C++ or Ruby
  • Excellent oral and written communication skills
  • Excellent organizational skills and detail oriented
  • Ability to work independently and as part of a team

Desired Background

  • Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field
  • Knowledge of application security such as the OWASP Top 10 or Sans 25
  • Knowledge of different languages such as Python, Ruby, and scripting
  • Knowledge of different operating systems such as *NIX, Windows
  • Application vulnerability assessment or penetration testing experience
  • Knowledge of open source environments like Github is a plus
Apply for this job