Software Vulnerability Researcher - Remote UK - 2018644
UK - Remote
Sonatype
Accelerate innovation by building security directly into your software development lifecycle. Trusted by +2000 organizations and +15 million developers.Learn more at www.sonatype.com.
The Software Vulnerability Researcher will investigate and analyze vulnerabilities in open-source software.
Sonatype is looking for a passionate, driven, and talented developer to provide high-quality security data from researching software vulnerabilities. This is not a development position but relies on development experience to help navigate complex architectures and threat vectors in open-source software. This high-quality security data ensures that our customers get maximum value from our products, making them feel like part of the Sonatype family.
If you are a positive-thinker and problem-solver and believe that customer success and company success go hand-in-hand, this is a great job for you. This position will provide a valuable learning opportunity with great potential to grow your newly started career in cyber-security. Enjoy your job as you work in a fast-paced, flexible, and fun environment with talented, diverse, and forward-thinking individuals.
Key Areas of Focus
- Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software
- Document attack capabilities
- Provide detection and remediation guidance
- Aid in ideas and prototypes for new tooling
- Collaborate with other team members toward shared product goals
- Improve Sonatype products by providing valuable security data
Required Background
- 5+ years of experience in application security or development experience in Java, C#, Python, JavaScript, C/C++, or Ruby
- Excellent oral and written communication skills
- Excellent organizational skills and detail-oriented
- Ability to work independently and as part of a team
- Currently reside in the UK - we are eager to find applicants based in any UK location, in particular Northern Ireland and who are legally entitled to work in this location without sponsorship.
Desired Background - nice to have
- Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field
- Knowledge of application security such as the OWASP Top 10 or Sans 25
- Knowledge of different languages such as Python, Ruby, and scripting
- Knowledge of different operating systems such as *NIX, Windows
- Application vulnerability assessment or penetration testing experience
- Knowledge of open-source environments like Github is a plus
Things that we are proud of
- The opportunity to be part of an incredible, high-growth company, working on a team of experienced colleagues
- Fast Company Top 50 Companies for Innovators 2018, 2019, and 2020
- 2019 Best Places to Work Washington Post and Washingtonian
- 2019 Wealthfront Top Career Launch Company
- EY Entrepreneur of the Year 2019
- Diversity & Inclusion Working Groups
- Parental Leave Policy
- Paid Volunteer Time Off (VTO)
- Long term type of contract (contrato término indefinido)
- Flexible working hours 100% remote
- Fast learning
- Career plan
- Bonus for personal results
- Corporate results bonus.
- Additional vacation days (depending on time worked)
- Colombian holidays
- Opportunity to travel to the United States once a year for our Annual corporate meeting
At Sonatype, we value diversity and inclusivity. We offer perks such as parental leave, diversity, and inclusion working groups, and flexible working practices to allow our employees to show up as their whole selves. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.
#LI-Remote
Tags: Application security C C++ Computer Science GitHub Java JavaScript Open Source OWASP Pentesting Python Ruby SANS Scripting Vulnerabilities Windows
Perks/benefits: Career development Flex hours Flex vacation Parental leave Salary bonus Startup environment
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs