Security Researcher - Knowledge Base
At Azul we emphasize empowerment, enablement and collaboration designed to foster speed of decision making and creative approaches to driving customer value. We are distributed across the world and offer the flexibility of working from home as well as the structure of an office environment that focuses on employee wellness and opportunities for professional growth.
Azul continues to grow and we are actively interviewing Java Software Engineers to work with us on developing Azul Intelligence Cloud.
This SaaS product connects millions of JVM runtimes, collects and aggregates detailed information from them, analyzes code use, detects vulnerabilities and provides code inventory.
**What youll do**:
- The Security Researcher will understand a wide variety of security vulnerabilities, across various environments and data sources, figure out which libraries are related to each of the reported vulnerabilities and will be able to integrate findings into actionable data artifacts as part of the Knowledge Base team.
- The researcher will act across various domains, capable of understanding and building data flows, automation and processes aimed at continuous improvement of our proprietary knowledge base.
- We expect you to lead professional discussion about the architecture and technological future of our product and its newly designed functionalities. Working as a team is important for us and your opinion matters!
**We are looking for a person who**:
- Has 5+ years of working experience in the information security or development ops industry.
- Has experience with data pipelines and data mining.
- Has positive energy and enjoys communication with others.
- Holds BS/MS degree in Computer Science, Engineering, Mathematics or a related field or equivalent experience.
- Is able to collaborate with and motivate multiple groups toward accomplishing a task.
- Familiar with modern SDLC practices, cloud-based architecture, and deployment patterns including technologies such as git, CI/CD pipelines (GitHub, GitLab), Docker, Kubernetes, AWS, Azure, etc.
- Proficiency in using security research tools and databases (e.g., NVD, MITRE, CVE Details)
- Familiarity with the world of Java vulnerabilities is a plus.
- Some programming knowledge is a great plus.
- Relevant certifications such as CISSP, CEH, or OSCP are a plus
**Key responsibilities**:
- Be responsible for vulnerability and component data quality.
- Provide input and guidance on data flows, automation, development, and functional requirements for knowledge mining. Create a data verification flow for components and vulnerabilities.
- Triage and correlate CPEs, CVEs, and other common security defects.
- Integrate security findings from various areas into data artifacts.
- Regularly audit and review database entries to ensure ongoing relevance and correctness.
- Investigate, understand, and contextualize a wide array of vulnerabilities and be able to explain them at a technical depth appropriate to the audience.
- Work with different resources, repositories like Maven, GitHub and analyze data knowledge sources like Snyk, VulDB, OSV, CVEDetails, etc.
- Assess the severity and potential impact of newly discovered vulnerabilities. Define the SLA for processes on different levels.
**What we offer**:
- Comprehensive compensation and healthcare packages
- Equity Program - be part of our success
- Referral Program
- Work-life balance, remote-first, paid time off, company shutdown, holidays
- Work with top experts worldwide who contribute to the Java ecosystem
💡 Doporučuji: Vytvořte si svůj profesionální životopis (zdarma a snadno), se kterým zvýšíte šanci na získání lepší práce.
💡 Podívejte se na video 6 tipů pro životopis, díky kterým získáte pozvánku na pohovor, které Vám pomůže s přípravou životopisu a motivačního dopisu pro zvýšení šancí na pozvání na pohovor.
Zajímavé nabídky práce v okolí:
Práce Security Researcher - Knowledge Base: Často kladené otázky
👉 V jakém městě se nabízí nabídka práce Security Researcher - Knowledge Base?
Práce je nabízena v lokalitě Praha.
👉 Jaká firma nabírá na tuto pozici?
Tato nabídka práce je do firmy Azul Systems.