Senior Vulnerability Researcher (Open Source)

Posted 3 Days Ago
Be an Early Applicant
Tel Aviv
Senior level
Artificial Intelligence • Cloud • Information Technology • Security • Software • Cybersecurity • Data Privacy
Snyk is on a mission to make the world a more secure place by empowering developers to develop fast and stay secure.
The Role
The Senior Vulnerability Researcher will analyze and verify vulnerabilities in open source packages, further researching known vulnerabilities, and collaborating with team members to improve workflows and data products in the security intelligence team.
Summary Generated by Built In

Every day, the world gets more digital thanks to tens of millions of developers building the future faster than ever. But with exponential growth comes exponential risk, as outnumbered security teams struggle to secure mountains of code. This is where Snyk (pronounced “sneak”) comes in. Snyk is a developer security platform that makes it easy for development teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and cloud infrastructure — and do it all right from the start. Snyk is on a mission to make the world a more secure place by empowering developers to develop fast and stay secure.



Joining Snyk means embracing our core values: One Team, Care Deeply, Customer Centric, and Forward Thinking. As a member of our team, you’ll have the opportunity to thrive in a dynamic environment where fostering collaboration, leading with empathy, driving business impact, and inspiring trust are at the heart of everything we do.

Our Opportunity

We are looking for a Senior Vulnerability Researcher to join our Security Intelligence team to analyse known vulnerabilities and discover unknown vulnerabilities. Our scope is open source packages, including those distributed by the largest Linux distributions.


Your Role

In modern software development, much of any project's code relies on open source packages.These are out there in the world, visible for anyone; and within that code there are vulnerabilities. As part of our security intelligence team, you'll join us on our mission to continuously provide actionable analysis of these vulnerabilities that can be used by developers and security professionals.

You'll join our interdisciplinary security intelligence team, alongside fully dedicated engineers focused on building tools that make your work more effective, and have lots of opportunities to learn and grow. This role is particularly well-suited to candidates with a deep understanding of how code works, and over time you'll have the opportunity to work with a wide variety of  programming languages. You can read in depth about the way the team’s data are used as the basis for the leading software security platform on Snyk’s blog.


You’ll spend your time:

  • Triaging and analyzing potential vulnerabilities discovered in open source dependencies
  • Further researching known vulnerabilities to determine characteristics such as severity and exploitability
  • Verifying or disqualifying potential vulnerabilities via hands-on research
  • Assessing and building in new vulnerability sources
  • Cross-pollinating security knowledge and techniques with group members to keep the learning flowing  
  • Exploring the new abilities we need to develop our data products to further our mission
  • Developing and testing new ways to improve the team’s workflows


We’d be Lucky if You: 

  • You have a passion for security and experience in the exploitation problem space
  • You have previous experience navigating open source codebases
  • You love learning new techniques and getting experience in new fields
  • You're comfortable working with quantitative data tools - including SQL, NoSQL, Python notebooks, pandas
  • You have good mastery of written and spoken English expression
  • You have worked with researchers before, ideally in the security space or have conducted security research yourself
  • You have experience reproducing vulnerabilities and processing responsible vulnerability disclosures
  • You’ve analyzed data before using quantitative/statistical techniques, employing purpose-built tools to come to valid data-based conclusions
  • You love to automate your work by writing scripts or adopting new technologies

#LI-GH

We care deeply about the warm, inclusive environment we’ve created and we value diversity – we welcome applications from those typically underrepresented in tech. If you like the sound of this role but are not totally sure whether you’re the right person, do apply anyway!


About Snyk

Snyk is committed to creating an inclusive and engaging environment where our employees can thrive as we rally behind our common mission to make the digital world a safer place. From Snyk employee resource groups, to global benefits that help our employees prioritize their health, wellness, financial security, and a work/life blend, we aim to support our employees along their entire journeys here at Snyk.

Benefits & Programs

Prioritize health, wellness, financial security, and life balance with programs tailored to your location and role.

  • Flexible working hours, work-from home allowances, in-office perks, and time off for learning and self development
  • Generous vacation and wellness time off, country-specific holidays, and 100% paid parental leave for all caregivers
  • Health benefits, employee assistance plans, and annual wellness allowance
  • Country-specific life insurance, disability benefits, and retirement/pension programs, plus mobile phone and education allowances

Top Skills

Python

What the Team is Saying

Erica
Ciana
Carissa
Brian
The Company
HQ: Boston, MA
1,000 Employees
Hybrid Workplace
Year Founded: 2015

What We Do

Every day, the world gets more digital thanks to tens of millions of developers building the future faster than ever. But with exponential growth comes exponential risk, as outnumbered security teams struggle to secure mountains of code. This is where Snyk (pronounced “sneak”) comes in.

Snyk is a developer security platform that makes it easy for development teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and cloud infrastructure — and do it all right from the start.

Why Work With Us

Every team member at Snyk contributes to our vision for a more secure digital world. No matter where we are in the world, we operate as one team and work together to shape the future of application security. We take immense pride in the diversity of our people, cultures, and experiences.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Snyk Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
Company Office Image
HQBoston
Company Office Image
Singapore
Company Office Image
Bucharest
Company Office Image
Cluj-Napoca
Company Office Image
London
Company Office Image
Ottawa
Sydney
Company Office Image
Tel Aviv
Tokyo, JP
Zürich
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account