Contrast Security named to Inc.'s “Best Workplaces of 2020” Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production. About the Position Our Application Security Research team is hyper-focused on continuous vulnerability and threat research affecting the world's software ecosystem. He or she will be responsible for maintaining the fidelity of research and findings in our real-time security intelligence platform. Most vulnerability findings will be based on third-party code in the Open Source community. However, additional efforts will be driven from findings in the Contrast platform. It will present an opportunity as a security researcher to contribute original research. The Senior Manager - Application Security Research is responsible for supporting and contributing to Contrast’s growing and enhancing original security research efforts relevant to the development communities associated with Contrast Assess, Protect, OSS, Scan, and Serverless platforms. Original research will be published in company blogs, papers and presentations. Traveling to an off-site event may be happen on an annual basis but this can be a fully remote position anywhere in the U.S. Roles and Responsibilities
- Aid in communication of business product strategy and the role security research plays in meeting customer and partner needs
- Manage a global team of passionate and skillful security research professionals
- Drive team success through use of Objectives and Key Results (OKR)
- Conduct basic and applied research on important and challenging problems in application security
- Help define and drive research projects, either on your own or in collaboration with others on the team
- Engage with Contrast’s product teams and customers to promote and seek out new research initiatives
- Support the gathering of language, library, license and application security research
- Process emerging threats, such as evaluating externally found CVEs and risks
- Development and presentation of content associated with the security research through conference speaking and/or blogging
- Ability to perform vulnerability and penetration testing assessments
- Software background in Java or .NET (plus if you have experience with Python, NodeJS, Ruby and/or GoLang)
- Understands the OWASP Top 10 and SANS/CWE Top 25
- Experience with ethical hacking and vulnerability management reporting
- Knowledge of cloud hosting environments (AWS, Azure, GCP, OCI, etc)
- You have strong communication skills
- You ask questions, let others know when you need help, and tell others what you need
- 5-10 years of experience in industry application security research or direct application, including people management experience
- Experience with threat modeling and attack forensics
What We Offer
- Competitive Compensation
- Medical, dental, and vision benefits
- 401(k) plan
- Flexible paid time off