SECURING THE SOFTWARE THAT POWERS YOUR WORLD IS A BIG JOB. We''re focused on that mission every day. Application security isn''t part of our business, it''s our only business. And it''s the driving force behind everything we do. At Veracode, we inspire a culture of innovation and infuse creativity into all our initiatives.
Veracode is the leader in the application security space, with the most comprehensive offering available. We take our mission to secure the software that powers your world seriously. Our award-winning, industry-leading products dominate the AppSec market!
As a research engineer you will work closely with the Veracode engineering team to research and maintain our vulnerability database. You will also help identify new vulnerability data sources and implement processes to improve the quality of our data. As part of this team you will get the opportunity to work on improving the state of security in open-source code. We provide a great engineering culture and give lot of autonomy to individuals to work on interesting problems relevant to our business that can have big impact.
Responsibilities:
- Review incoming commits, emails, and bug reports to look for vulnerabilities in open source libraries
- Triage the newest vulnerabilities released
- Track library release notes and associated security bulletins Publish high quality vulnerability advisories with exploit information, details about risk, and mitigation/workaround details
- Develop tools and techniques to identify new vulnerabilities and analyze vulnerable methods
- Perform risk assessments on vulnerabilities identified, then describe the risk posed to customers
- Use in-house tooling and/or custom tooling to do low probability, high payoff moonshot style research into the most popular libraries
- Other activities relating to security research around library vulnerabilities
Related Job Searches:
- Company:
Veracode - Designation:
Research Engineer - Profession:
IT / Information Technology - Industry:
Computer and IT