We’re looking for a curious, analytical Security Researcher to join us on our mission to make it easy to use open source and stay secure.
The use of open source is booming, but security is a key concern. Our product enables developers and enterprise security to continuously find & fix dependencies with known vulnerabilities, without slowing down development.
We’re proud of our industry-leading vulnerability database - it is the engine that powers our products. So far we’ve focussed on combining a growing automated pipeline tool with the hard work of our smart, driven security analysts, and our own research, which you’ll help us grow.
You’ll spend most of your time:
- identifying open research questions that we’re especially well equipped to tackle
- proposing hypotheses and designing evidence-based experiments
- designing and implementing solutions to some really challenging engineering and research problems
- measuring effectiveness of prototypes and provide reproducible results
- integrating the results of your research into our automated vulnerability pipeline
- working directly with leading open source maintainers to disclose new security issues & help secure their products
- maintaining your knowledge in a specialized area of research, through engaging with the broader security community, attending meetups and conferences, and reading widely.
You’ll join our security team, a collaborative & friendly group of security analysts and developers. While your primary focus will be research, you’ll also work with your teammates to maintain and continually improve our security tools, including developing our big data infrastructure to support future research.
We encourage all engineers to write company blog posts about their work and accomplishments, and to deliver presentations to the technical community. We’ll support you to present your research at security working groups, conferences, and in publications.
As the company and team grow, you'll have the opportunity to build and grow the security research team, scaling up as our company hits its next stage of growth.
- You enjoy hunting for security vulnerabilities through the wilds of open source software security
- You are at your best when understanding, debugging & reverse engineering software
- You love working with Python and you have some familiarity with JavaScript
- You have a high-level understanding of common cryptographic vulnerabilities
- You communicate proactively and speak fluent English
- You’re passionate about security and want to contribute to the community
We'd love to hear from you - please apply here!
We value diversity at Snyk, and we particularly encourage applications from those who are traditionally underrepresented in tech. If you like the sound of this role, but are not totally sure whether you’re the right person, please do apply anyway - or email maria@snyk.io with questions.