Job Description is looking for a curious, analytical and detail-oriented Application Security Researcher to join our team and help us uncover unknown vulnerabilities that exist in open source, tools and other platforms software developers use.

This position is located remotely from home or in our TLV offices. 


The Team

As part of our security team, you'll join us on our mission to continually grow and improve our knowledge and ability to find vulnerabilities in open source, tools and other platforms, in a programmatic way.

You'll work as part of a small but rapidly growing high-energy team, delivering incredible and creative features to our products, Spectral's next-gen code security platform. 


You'll Spend Your Time

  • Discovering potential vulnerabilities that haven't yet been identified

  • Using research to verify or disqualify potential vulnerabilities

  • Building SAST rulesets to identify vulnerability types and frameworks

  • Triaging vulnerabilities to identify the underlying vulnerable code and functionality

  • Developing and testing theories and hypotheses around new areas that Spectral tackles

  • Exploring and establishing the new abilities we need to develop our product to further achieve our mission

  • Work in full collaboration with developers, data scientists and various team members at Spectral


You Should Apply If

  • You have 4+ years of experience working in the security space and researching vulnerabilities

  • You have 2+ years of experience working with SAST tooling and rulesets

  • You have experience PoCing vulnerabilities and dealing with vulnerability disclosures

  • You love to automate your work, through writing your own scripts (we mainly use node.js / JavaScript)

  • You're excited about working in an area where we don't even know what the answer looks like


We'd especially love to hear from you if you have

  • Worked closely with Data Scientists in the past and 

  • Experience working with ML

  • Experience using statistical tools to help answer research questions

  • Experience applying static typing in Javascript (for example TypeScript or Flow)

  • Experience using AWS and Docker containers

More Details
Employment Type: Full Time
Location: [REMOTE]
Experience Required: Mid-Senior Level
Date Published: 16 Feb 2021
Share Job Opening