Spectral is looking for a curious, analytical, and detail-oriented Security Researcher to join our team!
You’ll help us uncover unknown vulnerabilities and misconfigurations that exist in the software world - different infrastructure and cloud services, OSS, widely different 3rd-party SaaS, and any platform software that developers are using.
This position is located remotely from home or in our TLV offices.
The Team
Our mission is to secure software, from code to cloud. You'll work as part of a small but rapidly growing high-energy team, delivering incredible and creative features to our product - Spectral's next-gen security platform.
You'll spend your time
Discovering potential vulnerabilities that haven't been identified yet
Building SAST & IaC rulesets to identify vulnerabilities & misconfigurations in common infrastructure
Triaging vulnerabilities to identify the underlying vulnerable code and functionality
Research public cloud vendor APIs (AWS, GCP and Azure) to find new types of misconfigurations
Work in full collaboration with developers, data scientists, and other team members at Spectral
You should apply if
You are enthusiastic about the cybersecurity world, have a hacker’s personality, and love to be on top of what's new in the cybersecurity world
You have experience working in the security domain and researching vulnerabilities
You have experience working with SAST tooling and rulesets
You have experience POC’ing vulnerabilities and dealing with vulnerability disclosures
You love to automate your work by writing your own scripts
You're excited about working in an area where we don't even know what the answers look like
We'd especially love to hear from you if
You have experience using public cloud vendors APIs (AWS / GCP / Azure)
You are familiar with OPA
You are familiar with different IaC vendors: Terraform, CloudFormation, Kubernetes, Azure Resource Manager, Google Cloud Deployment Manager, Docker
You’ve already worked closely with Data Scientists