We are looking for a curious, analytical and detail-oriented Security Analyst to join our team and help us uncover unknown vulnerabilities that exist in open source.
In modern software development, much of any project's code relies on open source packages. These are out there in the world, visible for anyone, and within that code there are vulnerabilities. As part of our security team, you'll join us on our mission to continually improve our ability to find these open source vulnerabilities in a programmatic way.
You'll spend your time:
- triaging and analysing potential vulnerabilities discovered within open-source dependencies
- further researching known vulnerabilities to determine characteristics such as severity and exploitability
- using research to verify or disqualify potential vulnerabilities
- training machine learning models to find where vulnerabilities are mostly likely to lie, using a combination of our unique database of verified known vulns; information about how the open source community operates; and the static code itself
- developing and testing theories and hypotheses around new areas that Snyk tackles
- exploring and establishing the new abilities we need to develop our product to further achieve our mission
You'll join our interdisciplinary security team, alongside fully dedicated engineers focussed on building tools that make your work more effective and have lots of opportunities to learn and grow. This role is particularly well-suited to help you develop a deep understanding of how code works, and over time you'll have the opportunity to work with just about every programming language.
You should apply if:
- you have worked with researchers before, ideally in the security space or have conducted security research yourself
- you're comfortable working with large datasets (we use BigQuery; ideally you'll have used one of BigQuery, elasticsearch, kibana, hadoop etc.)
- you have previous experience working with open source codebases
Snyk's mission is to help developers use open source code and stay secure. We care deeply about the quality and usefulness of the tools we develop, always focusing on our customers and users. Our service enables developers and security teams to continuously find and fix open source security vulnerabilities without slowing down, seamlessly integrating into Dev & DevOps workflows. We are committed to ensuring you stay safe while working freely with the open-source libraries you love.We have more than 300,000 developers using Snyk globally with great enterprise customers on board (including Google, Netflix and New Relic ). We also recently raised $102M from top VC firms (including Accel and Google Ventures) - we’re experiencing rapid growth and we want you to join us!
We'd love to hear from you - please apply below! You'll be primarily based in either our Tel Aviv or Shoreditch office depending on your current location.
We value diversity at Snyk, and would particularly encourage applications from those who are traditionally underrepresented in tech. If you like the sound of this role, but are not totally sure whether you're the right person, please do apply anyway - we'd love to hear from you :)