Tbwa Chiat/Day Inc | Intermediate Vulnerability Research Engineer, Application Security Testing: Vulnerability Research
vor 1 Tag
Intermediate Vulnerability Research Engineer, Application Security Testing: Vulnerability Research Remote
GitLab is an open core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations.
Our mission is to enable everyone to contribute to and co-create the software that powers our world.
When everyone can contribute, consumers become contributors, significantly accelerating the rate of human progress.
This mission is integral to our culture, influencing how we hire, build products, and lead our industry.
We make this possible at GitLab by running our operations on our product and staying aligned with our values.
An overview of this role You'll be at the forefront of our R&D efforts within our Engineering department in this role.
You'll be expected to focus on improving GitLab's security detection capabilities in our Application Security Testing stage groups.
This includes SAST, DAST, Secret Detection and Composition Analysis, and future products.
Vulnerability Research Engineers perform research to analyze software vulnerabilities, exploitation methods, track new vectors, discover novel methods and approaches in software security, and apply this knowledge to the security products and GitLab itself.
What You'll Do
Carry out research and come up with proofs of concepts that affect the security products and GitLab, including SAST, DAST, Secret Detection and Composition Analysis.
Curate advisory databases for dependency scanning.
This is a semi-automatic task that includes auditing/reviewing, editing existing and adding new advisories to the database while, at the same time, trying to automate repetitive tasks away as much as possible.
Build/develop benchmarks to test the efficacy of scanning and detection products to constantly improve quality of results.
Measure and improve the efficacy of scanning and detection products over time.
Write detailed technical reports.
Assess security product output results and conduct root cause analysis to improve efficacy.
Respond to internal and external customer inquiries on vulnerabilities and related topics.
What You'll Bring
3+ years of direct experience in developing and improving vulnerability detection products in the context of web security.
Knowledge of the vulnerability management process.
Knowledge of software composition analysis (SCA) and software supply chain ecosystems.
Experience with source code analysis, static application security testing (SAST), and dynamic application security testing (DAST) along with benchmarking experience testing the efficacy of these products.
Knowledge about compilers, compiler design and construction.
Experience developing automated web security testing/analysis tools.
You have a passion for security and open source, and enjoy collaborating with cross-functional teams.
Salary Range: $98,000 - $210,000 USD
Country Hiring Guidelines: GitLab hires new team members in countries around the world.
All of our roles are remote; however, some roles may carry specific location-based eligibility requirements.
GitLab is proud to be an equal opportunity workplace and is an affirmative action employer.
GitLab's policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law.
GitLab will not tolerate discrimination or harassment based on any of these characteristics.
#J-18808-Ljbffr
-
Central Coast, Österreich Tbwa ChiatDay Inc VollzeitIntermediate Vulnerability Research Engineer, Application Security Testing: Vulnerability ResearchRemoteGitLab is an open core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations.Our mission is to enable everyone to contribute to and co-create the software that powers our world.When...
-
Buscojobs | Security Reverse Engineer
vor 20 Stunden
Central Coast, Österreich Tideri Jobbörse VollzeitVulnerability Researcher Location: Canberra / Sydney - Hybrid Salary: $200k - $250k+ Super Our client is responsible for devising and implementing a sophisticated commercial cyber toolkit, reverse engineering, bug detection, and cracking exploits in devices / operating systems.Essential Functions: AU Citizenship - Ability to obtain a Security...
-
Buscojobs | Senior Vulnerability Engineer
vor 2 Wochen
Central Coast, Österreich Tideri Jobbörse VollzeitCuscal Cuscal is a payments & regulated data services provider in Australia.Since 1966 we have enabled banks, corporates and fintechs to better serve and connect with their customers.For a winning team that is evolving.Forward with Cuscal.At Cuscal, you'll find a strong, successful company that's reimagining the future.Here, you'll deliver or support...
-
Central Coast, Österreich Buscojobs VollzeitSecurity Engineer II, Amazon Security, Vulnerability Management and Remediation OperationsJob ID : 2858551 | Amazon Support Services Pty Ltd Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!Amazon Security is seeking a Security Engineer to join our Vulnerability Management...
-
Vulnerability Management Platform Engineer
vor 2 Monaten
Central Coast, Österreich Tideri Jobbörse VollzeitVulnerability Management Platform Engineer 18th October, 2024 Must have: Negative Vetting Level 1 Security clearance.Location of work: ACT, QLD, SA, VIC Primary Technologies:• Vulnerability scanning tools: Rapid7, Tenable, Sentinel, Windows Defender, Forescout, and any additional tools.Key duties may include, but are not limited to:• Develop and document...
-
Central Coast, Österreich Tideri Jobbörse VollzeitOur Federal Government client is seeking an experienced Vulnerability Management Platform Engineer.This is a 12 month contract.The role is open for ACT, QLD, SA and VIC.The successful candidate must have NV1 security clearance.12 months contract Open for ACT, QLD, SA, and VIC candidates Hybrid role (3 days office and 2 days WFH) NV1 is mandatory for this...
-
Central Coast, Österreich Tideri Jobbörse VollzeitSecurity Engineer II, Amazon Security, Vulnerability Management and Remediation Operations Job ID : 2858551 | Amazon Support Services Pty Ltd Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!Amazon Security is seeking a Security Engineer to join our Vulnerability...
-
Central Coast, Österreich Buscojobs VollzeitDESCRIPTIONEmbark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in Crystal City, Virginia.The VMRO team is responsible for discovering, assessing,...
-
Central Coast, Österreich Tideri Jobbörse VollzeitDESCRIPTION Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in Crystal City, Virginia.The VMRO team is responsible for discovering, assessing,...
-
Tbwa Chiat/Day Inc | Principal Security Analyst
vor 20 Stunden
Central Coast, Österreich Tideri Jobbörse VollzeitReports to: Manager, Security Operations Center Location: Remote Australia Compensation Range: $190,000 to $215,000 AUD base plus bonus and equity.What We Do: Founded in 2015 as a fully remote company by former NSA cyber operators, Huntress was built on a simple premise: to force hackers to earn every inch of their access.Today's cyber-attacks aren't limited...
-
Central Coast, Österreich Buscojobs VollzeitVulnerability Management Platform EngineerDate: 18th October, 2024Must have: Negative Vetting Level 1 Security clearance.Location of work: ACT, QLD, SA, VICPrimary Technologies:Vulnerability scanning tools: Rapid7, Tenable, Sentinel, Windows Defender, Forescout, and any additional tools.Key duties may include, but are not limited to:Develop and document...
-
Central Coast, Österreich Tideri Jobbörse VollzeitSenior Security Engineer, Amazon Security Job ID : 2856467 | Amazon Support Services Pty Ltd Embark on a Mission to Fortify Amazon's Defenses as a Senior Security Engineer with the Vulnerability Management & Remediation Operations team!Amazon Security is seeking an experienced and innovative Senior Security Engineer to join our Vulnerability Management and...
-
Amazon | Senior Security Engineer, Amazon Security
vor 2 Wochen
Central Coast, Österreich Tideri Jobbörse VollzeitSenior Security Engineer, Amazon Security Job ID: 2856467 | Amazon Support Services Pty Ltd Embark on a Mission to Fortify Amazon's Defenses as a Senior Security Engineer with the Vulnerability Management & Remediation Operations team!Amazon Security is seeking an experienced and innovative Senior Security Engineer to join our Vulnerability Management and...
-
Central Coast, Österreich Tideri Jobbörse VollzeitVice President, Vulnerability Scanning Specialist, Global Information Security Bank of America What would you like the power to do?For you and your family, your business and your community.At Bank of America, our purpose is to help make financial lives better through the power of every connection.At Bank of America, we are guided by a common purpose to help...
-
Senior Security Engineer, Amazon Security
vor 3 Monaten
Central Coast, Österreich Amazon VollzeitSenior Security Engineer, Amazon Security Job ID: 2803450 | Amazon Support Services Pty Ltd Embark on a Mission to Fortify Amazon's Defenses as a Senior Security Engineer with the Vulnerability Management & Remediation Operations team!Amazon Security is seeking an experienced and innovative Senior Security Engineer to join our Vulnerability Management and...
-
Buscojobs | Application Security Engineer
vor 2 Wochen
Central Coast, Österreich Tideri Jobbörse VollzeitInfosys Consulting is the worldwide management and IT consultancy unit of the Infosys Group (NYSE : INFY), a global advisor to leading companies for strategy, process engineering, and technology-enabled transformation programs.We partner with clients to design and implement customized solutions to address their complex business challenges, and to help them...
-
Gold Coast, Österreich Tideri Jobbörse VollzeitVulnerability Management Platform Engineer Date: 18th October, 2024 Must have: Negative Vetting Level 1 Security clearance.Location of work: ACT, QLD, SA, VIC Primary Technologies: Vulnerability scanning tools: Rapid7, Tenable, Sentinel, Windows Defender, Forescout, and any additional tools. Key duties may include, but are not limited to: Develop and...
-
Amazon | Principal Security Engineer, Aws Security
vor 2 Wochen
Central Coast, Österreich Tideri Jobbörse VollzeitPrincipal Security Engineer, AWS Security Job ID: 2780049 | Amazon Web Services Australia Pty Ltd This position can also be based in Sydney, Australia.We are looking for an experienced Principal Security Engineer to join the Security team in Australia.You will be on a team responsible for conducting both pre and post launch testing, offensive campaigns,...
-
Application Security Engineer
vor 2 Monaten
Central Coast, Österreich Tideri Jobbörse VollzeitThis job offer is not available in your country.About us We are Protecht - a fast growth Governance, Risk & Compliance (GRC) SaaS business.We provide world-class enterprise risk management, compliance, training, and advisory services to over 350 customers across various industry sectors through our offices across APAC, USA & Europe.Our cloud-based SaaS...
-
Application Security Engineer
vor 2 Monaten
Central Coast, Österreich Tideri Jobbörse VollzeitProtecht We offer enterprise risk management (ERM, GRC) software to help your organisation achieve its objectives.Contact us to learn more about our solutions.About usWe are Protecht - a fast growth Governance, Risk & Compliance (GRC) SaaS business.We provide world-class enterprise risk management, compliance, training, and advisory services to over 350...
