- અનુભવ
- ૫+ વર્ષ
- પગાર
- —
- ઓપનિંગ્સ
- 1
- પોસ્ટ કર્યું
- 2 કલાક પેહલા
- કાર્ય મોડ
- ઓફિસમાં
- ફરી શરૂ કરો
- અરજી કરવી જરૂરી છે
તમે ક્યાં કામ કરશો
કામનું વર્ણન
About the Role
Our company leads the industry in Active Application Security Posture Management (ASPM), developed specifically to safeguard modern software supply chains amidst the rise of AI technologies. Unlike conventional tools that inundate teams with countless alerts, our technology filters down to highlight the critical 5% of risks that are genuinely exploitable. Covering everything from AI-generated code to cloud runtime environments, we empower developers and security professionals with enhanced visibility and automation to deliver secure software rapidly.
Position Overview
We are seeking a highly capable and motivated Security Researcher to join our research team. Your focus will be on investigating supply chain attacks, dissecting malware samples, and developing open-source security tools. This pivotal role entails collaboration with multidisciplinary teams worldwide to scan and defend users and organizations against the most pressing cyber threats, significantly influencing the evolution of our company.
Essential Qualifications
- At least 5 years of professional experience as a cybersecurity researcher, particularly specializing in supply chain attacks and malware analysis.
- In-depth knowledge of open-source package registries such as npm, PyPI, and Maven, including the associated vulnerabilities and attack vectors.
- Demonstrated ability to deliver software solutions that operate effectively in production environments.
- Comprehensive understanding of the software development lifecycle (SDLC) and contemporary continuous integration/continuous deployment (CI/CD) workflows.
- Expertise in utilizing AI-powered tools to enhance research and development efficiencies.
- A proactive, self-driven work ethic with the capacity to independently manage projects from inception to completion.
Preferred Skills and Experience
- Contributions to open-source security projects or tools.
- Experience working with decompilers, debugging utilities, and analyzing network traffic.
- Advanced capabilities in malware analysis, including techniques such as code obfuscation, encryption, anti-analysis, and sandbox evasion.
- Background in web application penetration testing.
- Authorship of published CVEs, coordinated vulnerability disclosures, technical write-ups, blogs, or research papers.
- Public speaking experience at renowned cybersecurity conferences such as Black Hat, DEFCON, or RSAC.
- Strong enthusiasm for cybersecurity, open-source ecosystems, and addressing intricate security challenges in the software supply chain.