Company Logo

Software Engineer

Netflix - 1d ago

Company Logo

Senior Software Engineer

Reddit - 4d ago

Intermediate Vulnerability Research Engineer, Application Security Testing: Vulnerability Research

AI Summary ✨

Requirements

  • 3+ years of direct experience in developing and improving vulnerability detection products in the context of web security.
  • Knowledge of the vulnerability management process.
  • Knowledge of software composition analysis (SCA) and software supply chain ecosystems.
  • Experience with source code analysis, static application security testing (SAST), and dynamic application security testing (DAST) along with benchmarking experience testing the efficacy of these products.
  • Knowledge about compilers, compiler design and construction.
  • Experience developing automated web security testing/analysis tools.
  • Experience in product development.
  • You have a passion for security and open source, and enjoy collaborating with cross-functional teams.

What You'll Be Doing

  • Carry out research and come up with proofs of concepts that affect the security products and GitLab, including SAST, DAST, Secret Detection and Composition Analysis.
  • Curate advisory databases for dependency scanning.
  • Build/develop benchmarks to test the efficacy of scanning and detection products.
  • Measure and Improve the efficacy of scanning and detection products over time.
  • Write detailed technical reports.
  • Assess security product output results and conduct root cause analysis.
  • Respond to internal and external customer inquiries on vulnerabilities.

Nice to Haves

  • Experience in vulnerability detection products

Perks and Benefits

  • Benefits to support your health, finances, and well-being
  • All remote, asynchronous work environment
  • Flexible Paid Time Off
  • Team Member Resource Groups
  • Equity Compensation & Employee Stock Purchase Plan
  • Growth and development budget
  • Parental leave
  • Home office support
Apply here
GitLab logo

GitLab

Remote EMEA

Experience: Mid-level
Posted: October 30, 2024
Git
security

Get notified about new job opportunities

Subscribe