Remote Job Rocks

Remote jobs for developers, designers, marketers, copywriters, customer support reps, project managers, executives and more.

Senior Security Researcher, Applications - 100% Remote (Canada/Colombia/US) at Sonatype

The Senior Security Researcher will investigate and analyze vulnerabilities in open-source software. Sonatype is looking for a passionate, driven and talented developer to provide high-quality security data from researching software vulnerabilities.  This is not a development position but relies on development experience to help navigate complex architectures and threat vectors in open source software. This high-quality security data ensures that our customers are getting maximum value out of our products making them feel like they are part of the Sonatype family.   If you are a positive-thinker and problem-solver and believe that customer success and company success go hand-in-hand, this is a great job for you. This position will provide a valuable learning opportunity with the great potential to grow your newly started career in cyber-security. Enjoy your job as you work in a fast-paced, flexible, and fun environment, with talented, diverse, and forward-thinking individuals. Key Areas of Focus

  • Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software

  • Document attack capabilitiesProvide detection and remediation guidance

  • Aid in ideas and prototypes for new tooling

  • Collaborate with other team members toward shared product goals

  • Improve Sonatype products by providing valuable security data

  • Work with technology and business team members to define and refine requirements in an agile development environment

Required Background

  • 5+ years of experience in application security or development experience in Java, C#, Python, JavaScript, C/C++ or Ruby

  • Excellent oral and written communication skills

  • Excellent organizational skills and detail oriented

  • Ability to work independently and as part of a team

Desired Background

  • Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field

  • Knowledge of application security such as the OWASP Top 10 or Sans 25

  • Knowledge of different languages such as Python, Ruby, and scripting

  • Knowledge of different operating systems such as *NIX, Windows

  • Application vulnerability assessment or penetration testing experience

  • Knowledge of open source environments like Github is a plus