Associate Security Researcher

March 5

Apply Now
Logo of Sonatype


Bringing you a better way to build software.

Open Source • Open Source Governance • Management and Compliance • Repository Management • DevOps

501 - 1000

💰 $80M Private Equity Round on 2018-09


• Investigate and analyze vulnerabilities in open-source software • Review, isolate, analyze, and reverse engineer vulnerabilities • Document attack capabilities • Provide detection and remediation guidance • Aid in ideas and prototypes for new tooling • Collaborate with team members toward shared product goals • Improve Sonatype products by providing valuable security data • Enjoy a fast-paced, flexible, and fun work environment • Support a diverse and inclusive company culture • Engage in remote communication tools • Enhance how the world develops software


• Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field; or at least 4 years of related work experience in lieu of a degree • 0 to 3 years of experience in software development or application security • Basic knowledge of Java, C#, or JavaScript • Basic Knowledge of application security such as the OWASP Top 10 or Sans 25 • Desired: 5+ years experience in software development or application security • Excellent oral and written communication skills • Excellent organizational skills and detail oriented • Ability to work independently and as part of a team


• 100% remote position • High-quality security data from researching software vulnerabilities • Valuable learning opportunity in cyber-security • Fast-paced, flexible, and fun work environment • Opportunity to work with talented, diverse, and forward-thinking individuals • Remote first company culture • Parental leave • Diversity and inclusion working groups • Flexible working practices • Equal-opportunity employer • Accommodations for disabilities or special needs • Career development and growth opportunities

Apply Now
Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or