The CSO Security team is looking for a senior application security researcher. In this role, you will perform vulnerability research, assess existing architectures, and build and run tools to secure the application landscape at scale. You will work closely with R&D and DevOps teams and be the focal point for identifying and solving complex security challenges. This is a hands-on, development-focused role with the goal of ensuring our products adhere to the stringent security requirements of our thousands of customers.
As a Senior Application Security Researcher you will:
Continuously assess and challenge our overall security posture to ensure optimal and up-to-date platform security in our products and systems
Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
Evaluate new technologies and standards in the application security domain
As a Senior Application Security Researcher you will:
Continuously assess and challenge our overall security posture to ensure optimal and up-to-date platform security in our products and systems
Evaluate architecture, design, and code to ensure they are free from potential vulnerabilities and security risks
Train and mentor developers about security frameworks, testing, vulnerabilities, and best practices to ensure code compliance
Evaluate new technologies and standards in the application security domain
Requirements:
4+ years of hands-on experience in an application security role
Experience with web penetration testing (Hands On) – Mandatory
Strong coding skills, preferably in Java, Golang, and JavaScript – Mandatory
Experience with identifying, tracking, and solving security vulnerabilities in open source components used as third-party dependencies
Experience with supply chain attacks and their remediation – An advantage
Experience with cloud environments – An advantage
Experience with microservices (Docker, K8S, Service Mesh) – An advantage
Excellent problem-solving skills and the ability to work independently with a strong sense of ownership
Good communication skills and a true passion to educate others and achieve continuous improvement
4+ years of hands-on experience in an application security role
Experience with web penetration testing (Hands On) – Mandatory
Strong coding skills, preferably in Java, Golang, and JavaScript – Mandatory
Experience with identifying, tracking, and solving security vulnerabilities in open source components used as third-party dependencies
Experience with supply chain attacks and their remediation – An advantage
Experience with cloud environments – An advantage
Experience with microservices (Docker, K8S, Service Mesh) – An advantage
Excellent problem-solving skills and the ability to work independently with a strong sense of ownership
Good communication skills and a true passion to educate others and achieve continuous improvement
This position is open to all candidates.
