Security Researcher- JFrog Security
At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us on our journey?
JFrog Security is one of the main pillars of the JFrog offering and long term strategy. We are pushing the boundaries of security analysis of both binaries and code, shifting left and bringing new and exciting features to both developers and DevOps. We are looking for an experienced security researcher to join the team. As a Security Researcher at JFrog, you will perform research on compiled code, source code, published advisories (such as CVEs) and various security-related subjects. The position requires proven experience in security nomenclature and an understanding of both high-level and low-level attacks.
As a Security Researcher at JFrog you will...
- Research CVEs and one-day vulnerabilities from various coding languages and technologies
- Research malicious code in public repositories from various coding languages and technologies
- Define and implement ways to detect malicious code and vulnerable instances of known vulnerabilities
- Perform security configuration research on various open source technologies, frameworks, and libraries.
- Write technical reports regarding all research subjects mentioned above
To be a Security Researcher at JFrog you need...
- Vulnerability research experience in any of the following languages: Python, Node.JS, Java, C, Go
- Experience in writing technical reports
- Basic experience with non-binary code exploitation (ex. Pentesting backend environments or web applications)
- 1+ years of programming experience in Python programming
- Experience in binary reverse engineering
- DevOps experience - An advantage