Security Research Engineer

Summary

Join QwietAI, a leading DevSecOps Security company, as a Security Research Engineer. You will conduct research on emerging cybersecurity threats, communicate findings, create security policies to mitigate vulnerabilities, and review customer applications. Collaboration with the Data Science team on machine learning models is also a key aspect. The role requires a Bachelor's degree in a related field, 2 years of code auditing experience, and a strong understanding of software security concepts. Experience with various programming languages is essential. The company offers a modern code analysis platform and a supportive team environment.

Requirements

• Bachelor's degree in Computer Science, Software Engineering or a related field, or equivalent experience
• 2 years of code auditing experience in one or more languages: Java, C#, JavaScript, Go, Python, Swift, Kotlin, Ruby, TypeScript, C, C++, Rust, Objective-C, PHP or Scala
• A sophisticated understanding of OWASP's Top 10
• Knowledge of common vulnerability patterns
• Ability to identify patterns in vulnerabilities/vulnerability classes
• Demonstrable experience developing software in one or more programming languages: Java, C#, JavaScript, Go, Python, Swift, Kotlin, Ruby, TypeScript, C, C++, Rust, Objective-C, or Scala
• Desire to learn new frameworks and languages
• Knowledge of static analysis
• Knowledge of compilers
• Strong problem-solving and analytical skills, as well as attention to detail
• Excellent communication and interpersonal skills to work collaboratively with team members

Responsibilities

• Conduct research on emerging cybersecurity threats and related technology
• Communicate research findings to the team and the broader security community
• Create and improve policies to prevent and mitigate security vulnerabilities in code
• Help review customers applications to make sure vulnerability findings, weaknesses, and other issues are captured accurately
• Develop new techniques and approaches to help customers improve their code security practices
• Collaborate with Data Science and other teams to develop innovate and easy to use solutions for our customers

Preferred Qualifications

• Published CVEs
• Certifications such as OSCP
• Familiarity with Code Property Graph