Senior Security Researcher - Applications (100% Remote)


  • The Senior Security Researcher will investigate and analyze vulnerabilities in open-source software.



Requirements and duties:

  • Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software
  • Document attack capabilities
  • Provide detection and remediation guidance
  • Contribute ideas and prototypes for new tooling
  • Collaborate with other team members toward shared product goals
  • Improve Sonatype products by providing valuable security data
  • Work with technology and business team members to define and refine requirements in an agile development environment
  • Must currently reside in Colombia and be legally authorized to work in the country without sponsorship.
  • A good level of English is a must.
  • 5+ years of experience in application security or development experience in Java, C#, Python, JavaScript, C/C++ or Ruby
  • Excellent oral and written communication skills
  • Excellent organizational skills and attention to detail
  • Ability to work independently and as part of a team


Desired Background

  • Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field
  • Knowledge of application security such as the OWASP Top 10 or SANS 25
  • Knowledge of different languages such as Python, Ruby, and scripting
  • Knowledge of different operating systems such as *NIX, Windows
  • Application vulnerability assessment or penetration testing experience
  • Knowledge of open source environments like GitHub is a plus


Job conditions:

  • Contract type: Indefinite
  • City: Colombia (100% remote)

Company description

Sonatype is the world's leading provider of vast data intelligence and DevOps-native developer tools to help organizations harness all the goodness in open source software, without any of the risk. As the creators of Apache Maven, the Central Repository, and Nexus Repository, Sonatype helped to pioneer open source software development.

Today, more than 10 million developers around the world depend on Sonatype's Nexus platform to automatically govern the volume, variety, and security of open source components being used to build modern software applications. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Hummer Winblad Venture Partners, and Goldman Sachs.

Mission: To help every team developing and operating software unlock the full potential of open source.

Sonatype is one of the highest-ranked companies to work for according to Glassdoor. The high scores here are indicative of solid engagement by team members, and positive trends are effectively leading indicators of future engagement levels.
