![Sonatype](https://media.trabajo.org/img/noimg.jpg)
Open Source Vulnerability Security Researcher
hace 3 semanas
Sonatype is the software supply chain management company. We're on a mission to change how the world innovates by making software development easier. From running the world's largest repository of Java open source components (Maven Central) to inventing componentized software development, and then software supply chain management, to creating the only solution that stops malicious open-source malware in its tracks, we're constantly leading the industry while helping thousands of customers manage open source every day.
Already used by 15 million developers, we have lofty goals for our technology to be in the hands of every engineering team. And, we need you to do that. Join us
Sonatype’s mission is to enable organizations to better manage their software supply chain. We offer a series of products and services including the Nexus Repository Manager and Nexus Lifecycle Manager.
The Security Researcher will investigate and analyze vulnerabilities in open-source software.
Sonatype is looking for a passionate, driven and talented Security Researcher to provide high quality security data from researching software vulnerabilities. This high quality security data ensures that our customers are getting maximum value out of our products making them feel like they are part of the Sonatype family. If you are a positive-thinker and problem-solver and believe that customer success and company success go hand-in-hand, this is a great job for you. This position will provide a valuable learning opportunity with great potential to grow your newly started career in cyber-security. Enjoy your job as you work in a fast-paced, flexible, and fun environment, with talented, diverse, and forward-thinking individuals.
**What you will do**:
- Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software
- Document attack capabilities
- Provide detection and remediation guidance
- Aid in ideas and prototypes for new tooling
- Collaborate with other team members toward shared product goals
- Improve Sonatype products by providing valuable security data
- Work with technology and business team members to define and refine requirements in an agile development environment
**Required Qualifications**:
- Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field; or at least 4 years of related work experience in lieu of a degree
- Knowledge of Java, C#, or JavaScript
- Excellent oral and written communication skills
- Excellent organizational skills and detail oriented
- Ability to work independently and as part of a team
**Desired Qualifications**:
- Knowledge of different languages such as Python, Ruby, and scripting is a plus
- Knowledge of different operating systems such as *NIX, Windows is a plus
- Application vulnerability assessment or penetration testing experience is a plus
- Knowledge of open source environments like GitHub is a plus
We are Sonatype, and we have assembled a world class team of employees, investors, and partners. We are proud to be recognized as a Deloitte Technology Fast 500 company for 2016. With more than 120,000 installations and counting, Nexus products are helping modern development organizations intelligently source, manage, assemble, and maintain open source and third-party components, so they can improve the quality, security, and speed of their software supply chains.
We are curious and constantly innovating without fear of failure. We are attacking a huge and emerging market and seeking remarkably talented individuals to join us on our journey.
Sonatype is proud to be an equal opportunity workplace and an affirmative action employer that is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.
At Sonatype, we value diversity and inclusivity. We offer perks such as parental leave, diversity, and inclusion working groups, and flexible working practices to allow our employees to show up as their whole selves. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.
LI-Remote
-
Security Researcher
hace 3 semanas
Desde casa, Colombia Sonatype A tiempo completoSonatype is the software supply chain management company. We're on a mission to change how the world innovates by making software development easier. From running the world's largest repository of Java open-source components (Maven Central) to inventing componentized software development and then software supply chain management to creating the only solution...
-
Associate Security Researcher
hace 7 días
Desde casa, Colombia Sonatype A tiempo completoSonatype is the software supply chain management company. We're on a mission to change how the world innovates by making software development easier. From running the world's largest repository of Java open-source components (Maven Central) to inventing componentized software development and then software supply chain management to creating the only solution...
-
Vulnerability Management Specialist
hace 3 semanas
Desde casa, Colombia dLocal A tiempo completo**Why you should join dLocal?** dLocal enables the biggest companies in the world to collect payments in 40 countries in emerging markets. Global brands rely on us to increase conversion rates and simplify payment expansion effortlessly. As both a payments processor and a merchant of record where we operate, we make it possible for our merchants to make...
-
Security Engineer
hace 4 días
Desde casa, Colombia Caseware A tiempo completoCaseware is one of Canada's original Fintech companies, having led the global audit and accounting software industry for over 30 years, with more than 500,000 users across 130 countries and available in 16 different languages. While you might not have heard of us (yet) over 36,000 accounting and audit professionals list Caseware as a skill on their LinkedIn...
-
Security Engineer
hace 2 semanas
Desde casa, Colombia Caseware A tiempo completoCaseware is one of Canada's original Fintech companies, having led the global audit and accounting software industry for over 30 years, with more than 500,000 users across 130 countries and available in 16 different languages. While you might not have heard of us (yet) over 36,000 accounting and audit professionals list Caseware as a skill on their LinkedIn...
-
Security Automations Engineer
hace 2 semanas
Desde casa, Colombia Caseware A tiempo completoCaseware is one of Canada's original Fintech companies, having led the global audit and accounting software industry for over 30 years, with more than 500,000 users across 130 countries and available in 16 different languages. While you might not have heard of us (yet) over 36,000 accounting and audit professionals list Caseware as a skill on their LinkedIn...
-
Director, Application
hace 5 días
Desde casa, Colombia Zayo Group A tiempo completoCompany Description Zayo provides mission-critical bandwidth to the world’s most impactful companies, fueling the innovations that are transforming our society. Zayo’s 141,000-mile network in North America and Europe includes extensive metro connectivity to thousands of buildings and data centers. Zayo’s communications infrastructure solutions include...
-
Cloud Security Engineer
hace 4 semanas
Desde casa, Colombia EPAM Systems A tiempo completoYou are the first line of defense. More than 1000 cyberattacks are performed in Latin America every second. As a Cloud Security Engineer, you’ll be in the frontlines against these threats, your goal is to ensure that business continuity remains, that there is never data loss, or downtime and that every possible vulnerability is covered. Be the hero the...
-
Security Engineer
hace 3 semanas
Desde casa, Colombia Provectus A tiempo completoProvectus is a global technology consulting firm and AWS Premier Partner, that designs and builds solutions for industry-specific use cases, leveraging expertise in data, machine learning, and cloud technologies while fostering a collaborative and inclusive culture. We are seeking a dedicated and proactive Security Engineer to join our dynamic...
-
Information Security Risk Specialist
hace 4 días
Desde casa, Colombia Convergenz A tiempo completoMinimum Qualifications: Experience with NIST special publications and FIPS Experience with information security and assurance principles, including the NIST Cybersecurity Framework Experience with assisting and leading efforts involving the development and interpretation of SOPs, directives and other guidance documents. Experience with assessing NIST...
-
Senior Endpoint Security Engineer
hace 2 semanas
Desde casa, Colombia GoDaddy A tiempo completoLocation Details: Remote - Colombia**Remote: This is a remote position, so you'll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.Join Our TeamLocationRemote - ColombiaWhat you'll get to doDeploy Endpoint Detection & Response (EDR) technology across GoDaddy's diverse environment,...
-
Information Security Risk Specialist
hace 2 semanas
Desde casa, Colombia Convergenz A tiempo completoMinimum Qualifications:Experience with NIST special publications and FIPSExperience with information security and assurance principles, including the NIST Cybersecurity FrameworkExperience with assisting and leading efforts involving the development and interpretation of SOPs, directives and other guidance documents.Experience with assessing NIST security...
-
Cyber Security Analyst
hace 2 semanas
Desde casa, Colombia TheHive A tiempo completoPOSITION:Cyber Security AnalystSECTION/UNIT:Technology TeamReports to: Chief Technology OfficerSupervises:N/AJOB PURPOSEThe Cyber Security Analyst will be responsible for protecting all of the companys hardware, software, and networks from cybercriminals. The analyst's primary role will be to understand the company IT infrastructure in detail in order to...
-
Senior Security Engineer
hace 4 días
Desde casa, Colombia GoDaddy A tiempo completo**Location Details**: Remote - Colombia** **Remote**: This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites. **Join our Team** Our Pagely security team is seeking a Senior Security Engineer (SSE) to join our platform security team to protect our...
-
Cyber Security Analyst
hace 4 semanas
Desde casa, Colombia TheHive A tiempo completo**POSITION**:Cyber Security Analyst **SECTION/UNIT**:Technology Team **Reports to**: Chief Technology Officer **Supervises**:N/A **JOB PURPOSE** The Cyber Security Analyst will be responsible for protecting all of the companys hardware, software, and networks from cybercriminals. The analyst's primary role will be to understand the company IT...
-
Senior Security Engineer
hace 2 semanas
Desde casa, Colombia GoDaddy A tiempo completoLocation Details: Remote - Colombia**Remote: This is a remote position, so you'll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.Join our TeamOur Pagely security team is seeking a Senior Security Engineer (SSE) to join our platform security team to protect our platforms against...
-
Director, Application
hace 2 semanas
Desde casa, Colombia Zayo Group A tiempo completoCompany DescriptionZayo provides mission-critical bandwidth to the world's most impactful companies, fueling the innovations that are transforming our society. Zayo's 141,000-mile network in North America and Europe includes extensive metro connectivity to thousands of buildings and data centers. Zayo's communications infrastructure solutions include dark...
-
Cloud Security Architect
hace 4 semanas
Desde casa, Colombia EPAM Systems A tiempo completoWHAT YOU HAVE - BS/MS in computer science, engineering, or information technology, or equivalent work experience - Strong understanding of appsec technologies such as WAF, API gateways, SAST, DAST, and SCA - Experience conducting code reviews, threat modeling, and/or ethical hacking - Understanding of approaches for securing SaaS apps (such as Salesforce,...
-
Web Researcher
hace 7 días
Desde casa, Colombia Dev.Pro A tiempo completoJoin Dev.Pro - a US-based outsourcing software development company that has been delivering exceptional software experience to clients since 2011. **What’s in it for you**: - Join a thriving IT company with 850+ global specialists and experience the unique culture of a US-based business - Polish your research skills by working on diverse projects and...
-
Senior Software Engineer
hace 2 semanas
Desde casa, Colombia Sonatype A tiempo completoSonatype is the software supply chain management company. We're on a mission to change how the world innovates by making software development easier. From running the world's largest repository of Java open-source components (Maven Central) to inventing componentized software development and then software supply chain management to creating the only solution...