Senior Security Researcher, Applications - 100% Remote Canada
The Senior Security Researcher will investigate and analyze vulnerabilities in open-source software. Sonatype is looking for a passionate, driven and talented developer to provide high-quality security data from researching software vulnerabilities. This is not a development position but relies on development experience to help navigate complex architectures and threat vectors in open source software. This high-quality security data ensures that our customers are getting maximum value out of our products making them feel like they are part of the Sonatype family. If you are a positive-thinker and problem-solver and believe that customer success and company success go hand-in-hand, this is a great job for you. This position will provide a valuable learning opportunity with the great potential to grow your newly started career in cyber-security. Enjoy your job as you work in a fast-paced, flexible, and fun environment, with talented, diverse, and forward-thinking individuals. Key Areas of Focus
- Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software
- Document attack capabilities
- Provide detection and remediation guidance
- Aid in ideas and prototypes for new tooling
- Collaborate with other team members toward shared product goals
- Improve Sonatype products by providing valuable security data
- Work with technology and business team members to define and refine requirements in an agile development environment
Required Background
- 5+ years of experience in application security or development experience in Java, C#, Python, JavaScript, C/C++ or Ruby
- Excellent oral and written communication skills
- Excellent organizational skills and detail-oriented
- Ability to work independently and as part of a team
Desired Background
- Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field
- Knowledge of application security such as the OWASP Top 10 or Sans 25
- Knowledge of different languages such as Python, Ruby, and scripting
- Knowledge of different operating systems such as *NIX, Windows
- Application vulnerability assessment or penetration testing experience
- Knowledge of open source environments like Github is a plus
What We Offer
- The opportunity to be part of an incredible, high-growth company, working on a team of experienced colleagues
- Competitive salary package
- Medical/Dental/Vision benefits
- Business casual dress
- Flexible work schedules that ensure time for you to be you
- 2019 Best Places to Work Washington Post and Washingtonian
- 2019 Wealthfront Top Career Launch Company
- EY Entrepreneur of the Year 2019
- Fast Company Top 50 Companies for Innovators
- Glassdoor ranking of 4.9
- Come see why we've won all of these awards