This job post is closed and the position is probably filled. Please do not apply. Work for Sonatype and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 2 years ago
\nThe Senior Security Researcher will investigate and analyze vulnerabilities in open-source software. Sonatype is looking for a passionate, driven and talented developer to provide high-quality security data from researching software vulnerabilities. This is not a development position but relies on development experience to help navigate complex architectures and threat vectors in open-source software. This high-quality security data ensures that our customers are getting maximum value out of our products making them feel like they are part of the Sonatype family. If you are a positive-thinker and problem-solver and believe that customer success and company success go hand-in-hand, this is a great job for you. This position will provide a valuable learning opportunity with the great potential to grow your newly started career in cyber-security. Enjoy your job as you work in a fast-paced, flexible, and fun environment, with talented, diverse, and forward-thinking individuals. Key Areas of Focus\n\n\n* Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software\n\n* Document attack capabilities\n\n* Provide detection and remediation guidance\n\n* Aid in ideas and prototypes for new tooling\n\n* Collaborate with other team members toward shared product goals\n\n* Improve Sonatype products by providing valuable security data\n\n* Work with technology and business team members to define and refine requirements in an agile development environment\n\n\n\n\nRequired Background\n\n\n* 5+ years of experience in application security or development experience in Java, C#, Python, JavaScript, C/C++ or Ruby\n\n* Excellent oral and written communication skills\n\n* Excellent organizational skills and detail-oriented\n\n* Ability to work independently and as part of a team\n\n\n\n\nDesired Background\n\n\n* Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field\n\n* Knowledge of application security such as the OWASP Top 10 or Sans 25\n\n* Knowledge of different languages such as Python, Ruby, and scripting\n\n* Knowledge of different operating systems such as *NIX, Windows\n\n* Application vulnerability assessment or penetration testing experience\n\n* Knowledge of open-source environments like Github is a plus\n\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Senior and Engineer jobs that are similar:\n\n
$80,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.