Senior Security Researcher - Applications

Sonatype


1 week ago

02/09/2020 10:22:57

Job type: Full-time

Hiring from: Canada

Category: Software Development


The Senior Security Researcher will investigate and analyze vulnerabilities in open-source software.

Sonatype is looking for a passionate, driven and talented developer to provide high-quality security data by researching software vulnerabilities. This is not a development position, but it relies on development experience to help navigate complex architectures and threat vectors in open-source software. This high-quality security data ensures that our customers get maximum value out of our products, making them feel like they are part of the Sonatype family.

If you are a positive-thinker and problem-solver and believe that customer success and company success go hand-in-hand, this is a great job for you. This position will provide a valuable learning opportunity with great potential to grow your newly started career in cyber-security. Enjoy your job as you work in a fast-paced, flexible, and fun environment, with talented, diverse, and forward-thinking individuals.

Key Areas of Focus
  • Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software
  • Document attack capabilities
  • Provide detection and remediation guidance
  • Aid in ideas and prototypes for new tooling
  • Collaborate with other team members toward shared product goals
  • Improve Sonatype products by providing valuable security data
  • Work with technology and business team members to define and refine requirements in an agile development environment
  • Currently reside in either Canada or the United States of America and are legally authorized to work without sponsorship in the corresponding country.

Required Background
  • 5+ years of experience in application security or development experience in Java, C#, Python, JavaScript, C/C++ or Ruby
  • Excellent oral and written communication skills
  • Excellent organizational skills and detail oriented
  • Ability to work independently and as part of a team

Desired Background
  • Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field
  • Knowledge of application security such as the OWASP Top 10 or SANS 25
  • Knowledge of different languages such as Python, Ruby, and scripting
  • Knowledge of different operating systems such as *NIX, Windows
  • Application vulnerability assessment or penetration testing experience
  • Knowledge of open-source environments like GitHub is a plus

What We Offer:
  • The opportunity to be part of an incredible, high-growth company, working on a team of experienced colleagues
  • Competitive salary package
  • Medical/Dental/Vision benefits
  • Business casual dress
  • Flexible work schedules that ensure time for you to be you
  • 2019 Best Places to Work Washington Post and Washingtonian
  • 2019 Wealthfront Top Career Launch Company
  • EY Entrepreneur of the Year 2019
  • Fast Company Top 50 Companies for Innovators
  • Glassdoor ranking of 4.9
  • Come see why we've won all of these awards

We are 300 employees from diverse backgrounds who hail from 50 countries and speak 15 languages. But we all share one thing in common: we’re passionate about accelerating software innovation. Our vision is to put Nexus products at the center of every open source decision made by modern engineering organizations. We’re one of the fastest growing tech companies in America and have been named both a Deloitte Fast 500 and Inc. 5000 company three years in a row. We’re backed by world class investors including TPG, Goldman Sachs, Accel Partners, and HWVP. Learn more at www.sonatype.com.
 
Sonatype is proud to be an equal opportunity workplace and an affirmative action employer that is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.


similar jobs

  • HappyPorch (European timezones)
    3 weeks ago

    Passionate about web development? Looking for a flexible, remote role where you are working on an enthusiastic and committed team?  This is a brilliant opportunity to develop your technical skills within a forward-thinking and supportive team.

    Initial 6 months, full time with potential for permanent.

    Anywhere within 2 hours of the UK timezone.


    The Role

    You will be helping to care for a number of Umbraco websites, including maintenance & support, bug fixing and adding new features. You will also be involved, with the rest of the development team, in the planning and development of new Umbraco sites, redesigns and overhauls of existing sites.

    You will be working remotely as part of a small team of 10 spread across the UK, Europe and beyond. You will also be communicating with clients directly. This requires excellent written and verbal English communication skills and the ability to communicate professionally with both technical and non-technical people.

    You

    • enjoy solving problems and are constantly looking to learn and improve
    • are outstanding at communicating both verbally and in written English (and more than tech-speak!)
    • are detail oriented and meticulous about quality
    • understand how important good, disciplined process is; in software development as well as communication and project management

    The ideal person will bring the correct mindset and the ability to learn and adapt, along with as wide a range of technical experience as possible. We therefore encourage applications from the right candidates regardless of age, disability, gender identity, sexual orientation, religion, belief or race.

    The mix of remote working and the challenge of improving your technical skills while communicating directly with the client means that this role requires very strong English communication skills and a good level of self-confidence.  Thus we encourage applications from candidates with a range of experiences, including career changers and those returning to work.

    Also check out this video some of the team made to help you understand HappyPorch a little better.

     

    Technology

    We are more interested in your interest in web development, your ability to learn and solve problems, and your professional approach to coding. However, you do need to have a good working knowledge of C#, ASP.NET MVC, HTML/CSS and JavaScript. Experience of Umbraco (or other CMS) is an advantage, although it is not required.


    What’s in it for you?

    Impact

    You will bring your experience, ideas and energy to the role. As part of a small, fun team you will be much more than just another cog in the wheel. There is a huge opportunity to further develop your technical & other skills. 

    Purpose

    A key part of our purpose is to contribute in a positive way to the world around us. Thus we dedicate a portion of our “on the job” time to working on ‘pro-bono’ projects that have societal value. This might include open source development, charity projects or training and assisting other organisations.

    Transparency 

    We run on self management principles.  This does not mean a completely flat hierarchy, any group of humans will have leaders. It does mean that we all input into how the company is run and everyone is invited to get involved and take on the level of responsibility that suits each of us. It also means that leadership is much more fluid than in a traditional company hierarchy. 

    We provide a lot of support and coaching to help you thrive in this environment and thus to do great work. Although it can be challenging, it is incredibly rewarding to be part of. 

      

    Location & Hours

    This role is remote, much of the time you can work from anywhere – well almost – anywhere within 2 hours of the UK timezone. We are more interested in results than micromanaging which means we are very happy to talk about flexibility in your working hours. Some of our team enjoy a very structured day, others flex their work around family commitments.

    Twice each year we meet-up for about a week to work together. Recent locations have included Morocco, Madeira, Bulgaria and Scotland. As well as being really useful it is a lot of fun, so we do all we can to help everyone join where it is possible.


    More details of the role and apply here

  • Yesterday

    Theorem is a team of experts who set sound principles and best practices into action. Our team solves complex problems and builds amazing things for some of the largest global household names. We work with team members around the world and have offices in LA and New York. While this is a remote first role, initially, the position will require at least bi-monthly travel to the UK. Candidates closer to major travel airport hubs will be given priority.  You must be authorized to work in the United States.
    As Software Solutions Architect, you are a polyglot engineer with a hunger for learning new languages and tools. You see yourself as a maker and you are interested in all steps of the process, from understanding the challenge, to designing, developing and deploying.
    As a consulting Software Solutions Architect, you are always happy to be learning, choosing the right tool for the job but also becoming the foremost domain expert about our client’s business. You should always be able to answer the question: What have I learned this week?

    Responsibilities and Duties

    In this role, you will participate in the full life cycle of application development for our clients with duties including but not limited to:

    • Assist the sales team with uncovering and understanding technical requirements and producing estimates and risk assessments for new projects.
    • Become the domain expert for our clients’ business and gain a deep knowledge of their infrastructure and internal systems.
    • Research technologies and assess their fit for the challenge at hand.
    • Educate and train clients and stakeholders about the benefits of our approach to software and solutions development.
    • Assist the engineering team on product delivery by writing code and reviewing pull requests.
    • Collaborate with the team to create a successful project hand-off plan

    Qualifications and Skills

    • 10+ years of experience in software engineering.
    • 5+ years of experience consulting directly with clients.
    • Eager to learn new languages and technologies.
    • Proficient and experienced with at least 3 programming languages; JavaScript, Ruby, Elixir, Go, C# and Python are all a plus.
    • Strong experience designing and delivering features on both server and client sides of the development stack.
    • Demonstrated experience researching new tools, acquiring new skills, and implementing your new knowledge on the fly with confidence and accuracy
    • Experience with AWS, GCP, or Azure is nice to have.
    • Experience working with Chef, Ansible, and other provisioning technologies is a plus.
    • BS of Computer Science or similar academic background is a plus.
    • Excellent skills in spoken and written English language.
    • Possess a strong and reliable internet connection.
  • Source Coders (US or Canada)
    1 month ago
    About you:

    • Care deeply about democratizing access to data.  

    • Passionate about big data and are excited by seemingly-impossible challenges.

    • At least 80% of people who have worked with you put you in the top 10% of the people they have worked with.

    • You think life is too short to work with B-players.

    • You are entrepreneurial and want to work in a super fast-paced environment where the solutions aren’t already predefined.

    • You live in the U.S. or Canada and are comfortable working remotely.
    About SafeGraph: 

    • SafeGraph is a B2B data company that sells to data scientists and machine learning engineers. 

    • SafeGraph's goal is to be the place for all information about physical Places

    • SafeGraph currently has 20+ people and has raised a $20 million Series A.  CEO previously was founder and CEO of LiveRamp (NYSE:RAMP).

    • Company is growing fast, over $10M ARR, and is currently profitable. 

    • Company is based in San Francisco but about 50% of the team is remote (all in the U.S.). We get the entire company together in the same place every month.
    About the role:

    • Core software engineer.

    • Reporting to SafeGraph's CTO.

    • Work as an individual contributor.  

    • Opportunities for future leadership.
    Requirements:

    • You have at least 6 years of relevant work experience.

    • Proficiency writing production-quality code, preferably in Scala, Java, or Python.

    • Strong familiarity with map/reduce programming models.

    • Deep understanding of all things “database” - schema design, optimization, scalability, etc.

    • You are authorized to work in the U.S.

    • Excellent communication skills.

    • You are amazingly entrepreneurial.

    • You want to help build a massive company. 
    Nice to haves:

    • Experience using Apache Spark to solve production-scale problems.

    • Experience with AWS.

    • Experience with building ML models from the ground up.

    • Experience working with huge data sets.

    • Python, Database and Systems Design, Scala, Data Science, Apache Spark, Hadoop MapReduce.
