Senior Staff Software Engineer

Summary

Join SecurityScorecard as a Senior Staff Software Engineer and contribute to the development and maintenance of our vulnerability tracking platform. You will build scalable, user-friendly applications that aggregate, process, and present security vulnerability information. This role requires proficiency in PHP, JavaScript, and Java, along with experience working with APIs and databases. You will integrate with CVE databases and design efficient search and filtering features. The ideal candidate possesses a strong understanding of security concepts and vulnerability data. SecurityScorecard offers a competitive salary, stock options, health benefits, unlimited PTO, parental leave, and tuition reimbursements.

Requirements

• Proficiency in PHP, JavaScript (Node.js, jQuery, Vue, React), and Java, with experience developing scalable web applications
• Experience working with APIs, web scraping, or data aggregation from third-party sources
• Strong understanding of databases (SQL, NoSQL, Elasticsearch, or similar) for efficient data storage and retrieval
• Some familiarity with CVE databases, vulnerability classification (CVSS, CWE), and security advisories
• Experience designing user-friendly dashboards, reports, and visualization tools for technical and non-technical users
• Solid understanding of web security best practices (e.g., preventing XSS, CSRF, and SQL injection)
• Knowledge of API security, authentication mechanisms (OAuth, JWT), and access control
• Ability to work with large datasets, optimizing queries and indexing strategies for fast retrieval
• Strong debugging, troubleshooting, and performance optimization skills

Responsibilities

• Develop, maintain, and enhance a vulnerability tracking and reporting platform that displays CVEs, security advisories, and related data
• Integrate with CVE databases, security feeds, and APIs (e.g., NVD, MITRE, OSV) to collect and display up-to-date vulnerability information
• Design and implement efficient search, filtering, and categorization features to help users explore vulnerability data effectively
• Develop and optimize the frontend using JavaScript frameworks (Vue, React, jQuery) for a seamless user experience
• Implement backend logic in PHP and Java to process, normalize, and store large volumes of vulnerability-related data
• Ensure data integrity, accuracy, and performance by designing robust database structures and indexing strategies
• Work with security teams and analysts to improve the way vulnerabilities are presented and categorized
• Optimize API performance and ensure the application can scale with growing datasets
• Implement user authentication, role-based access control (RBAC), and security best practices to protect platform users and data
• Automate data ingestion, updates, and notifications for newly published vulnerabilities

Preferred Qualifications

• Experience integrating with security APIs such as MITRE CVE, NVD, OSV, VulnDB, or similar
• Knowledge of container security (Docker, Kubernetes) and cloud infrastructure (AWS, Azure, GCP)
• Experience with search technologies like Elasticsearch or OpenSearch for indexing and querying vulnerability data
• Familiarity with machine learning or automation techniques to enhance vulnerability analysis
• Background in cybersecurity, vulnerability management, or security engineering

Benefits

• Competitive salary
• Stock options
• Health benefits
• Unlimited PTO
• Parental leave
• Tuition reimbursements