Remote, Worldwide
Mid Level
Base Salary
$98k - $210k/yr
Responsibilities
- Carry out vulnerability research and develop proofs of concept for GitLab security products.
- Curate advisory databases for dependency scanning by reviewing and automating processes.
- Build benchmarks to test the efficacy of scanning and detection products.
- Measure product efficacy over time to improve detection quality.
- Assess security product output and perform root cause analysis for improvements.
- Write detailed technical reports documenting research findings and recommendations.
- Respond to internal and external inquiries regarding vulnerabilities and detection behavior.
- Collaborate with Security, Development, and Product teams to integrate research insights.
Requirements
- Experience in developing or improving vulnerability detection capabilities in web security.
- Knowledge of the vulnerability management process and its connection to product outcomes.
- Understanding of software composition analysis and software supply chain ecosystems.
- Experience with source code analysis and various application security testing methods.
- Knowledge of compilers and compiler design related to code analysis.
- Experience in building automated web security testing or analysis tools.
- Ability to work effectively in a product development environment with cross-functional teams.
- Interest in security and open source, with openness to transferable experience from related fields.
Benefits
- Benefits to support health, finances, and well-being.
- Flexible Paid Time Off.
- Team Member Resource Groups.
- Equity Compensation & Employee Stock Purchase Plan.
- Growth and Development Fund.
- Parental leave.
- Home office support.
Categories
Security