Senior Security Researcher, Applications


October 6, 2020

The Senior Security Researcher will investigate and analyze vulnerabilities in open-source software. Sonatype is looking for a passionate, driven and talented developer to provide high-quality security data from researching software vulnerabilities. This is not a development position but relies on development experience to help navigate complex architectures and threat vectors in open-source software. This high-quality security data ensures that our customers are getting maximum value out of our products making them feel like they are part of the Sonatype family. If you are a positive-thinker and problem-solver and believe that customer success and company success go hand-in-hand, this is a great job for you. This position will provide a valuable learning opportunity with the great potential to grow your newly started career in cyber-security. Enjoy your job as you work in a fast-paced, flexible, and fun environment, with talented, diverse, and forward-thinking individuals. Key Areas of Focus

  • Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software

  • Document attack capabilities

  • Provide detection and remediation guidance

  • Aid in ideas and prototypes for new tooling

  • Collaborate with other team members toward shared product goals

  • Improve Sonatype products by providing valuable security data

  • Work with technology and business team members to define and refine requirements in an agile development environment

Required Background

  • 5+ years of experience in application security or development experience in Java, C#, Python, JavaScript, C/C++ or Ruby

  • Excellent oral and written communication skills

  • Excellent organizational skills and detail-oriented

  • Ability to work independently and as part of a team

Desired Background

  • Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field

  • Knowledge of application security such as the OWASP Top 10 or Sans 25

  • Knowledge of different languages such as Python, Ruby, and scripting

  • Knowledge of different operating systems such as *NIX, Windows

  • Application vulnerability assessment or penetration testing experience

  • Knowledge of open-source environments like Github is a plus
Apply Now

Get a weekly email with 5 curated job opportunities.

! Last step: confirm your subscription in your email provider !
Oops! Something went wrong while submitting the form.

Transparent marketing examples to help you nail your interview.

Learn More

Helpful Resources

Want a more efficient and effective job search?
Sign up and I'll send you 3 tools to help you do just that.

Perfect your resume

Get our top 3 favorite resources for crafting resumes that work.