Senior Application Security Researcher
United States
Applications have closed
Contrast Security
Contrast Security application security software unifies security and development with one DevSecOps platform and increases accuracy and productivity.Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development to operations, to production.
Our Application Security Research team is hyper-focused on continuous vulnerability and threat research affecting the world's software ecosystem. They will be responsible for maintaining the fidelity of research and findings in our real-time security intelligence platform.
Most vulnerability findings will be based on third-party code in the Open Source community. However, additional efforts will be driven from findings in the Contrast platform. It will present an opportunity as a security researcher to contribute original research.
The Application Security Researcher supports and contributes to Contrast’s growing and enhancing original security research efforts relevant to the development communities associated with Contrast Assess and Protect platforms. Original research will be published in company blogs, papers, and presentations.
This is a full-time position that can work 100% remotely anywhere in the U.S.
Roles and Responsibilities
- Conduct basic and applied research on important and challenging problems in application security
- Help define and drive research projects, either on your own or in collaboration with others on the team
- Engage with Contrast’s product teams and customers to promote and seek out new research initiatives
- Support the gathering of language, library, license, and application security research
- Process emerging threats, such as evaluating externally found CVEs and risks
- Development and presentation of content associated with the security research through conference speaking and/or blogging
- Provide tier-3 support for reported incidents and escalation of security findings review
- Ability to perform vulnerability and penetration testing assessments
- Support and drive the security evaluation of third-party software and tools
Requirements
- Software background in NodeJS, Python, Ruby (plus if you have experience with Java, .NET, and/or GoLang)
- Understands the OWASP Top 10 and SANS/CWE Top 25
- Experience with ethical hacking and vulnerability management reporting
- Knowledge of cloud hosting environments (AWS, Azure, GCP, OCI, etc.)
- You have strong communication skills
- You ask questions, let others know when you need help, and tell others what you need
- 5+ years of experience in industry application security research or direct application
What We Offer
- Competitive Compensation
- Medical, dental, and vision benefits
- 401(k) plan
- Flexible paid time off
#LI-Remote#LI-RH1
We are changing the world of software security. Do it with us. We believe in what we do and are passionate about helping our customers secure their business.If you’re looking for a challenge and want to enjoy where you work, you’ll love Contrast Security.
Contrast Security is committed to a diverse and inclusive workplace. Contrast Security is an equal opportunity employer and our team is comprised of individuals from many diverse backgrounds, lifestyles, and locations.
By submitting your application, you are providing Personal Information about yourself (cover letter, resume, email address, etc.) and hereby give your consent for Contrast Security, Inc. and/or our HR-related Service Providers, to use this information for the purpose of processing, evaluating and responding to your application for current and future career opportunities. If you are a resident of the European Economic Area or are applying for a position in the European Economic Area, Contrast’s Privacy Statement reflects our policies around compliance with the General Data Protection Regulation (“GDPR”) and your rights respective to GDPR as a California resident, you are entitled to certain rights under CCPA: The California Consumer Privacy Act of 2018 (“CCPA”) will go into effect on January 1, 2020. Under CCPA, businesses must be overtly transparent about the personal information they collect, use, and store on California residents. CCPA also gives employees, applicants, independent contractors, emergency contacts and dependents (“CA Employee”) new rights to privacy.* We could support remote work in most states except Colorado.
Recruitment Agencies: Although we value the services you provide, at this time we are not accepting resumes from agencies, headhunters, or other suppliers who have not signed a formal agreement with us.
Tags: Application security AWS Azure CCPA Cloud Compliance Ethical hacking GCP GDPR Golang Java Node.js Open Source OWASP Pentesting Privacy Python Ruby SANS Threat Research Vulnerabilities Vulnerability management
Perks/benefits: Career development Competitive pay Flex vacation Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Manager Pentest H/F jobs
- Open Chief Information Security Officer jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Researcher jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs