OSS Security Researcher
At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate -- and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production -- a concept we call “liquid software.” Wouldn't it be amazing if you could join us in our journey?
We are looking for an experienced researcher to join the team. As the OSS Security Researcher at JFrog, you will perform research on compiled code, source code, published advisories (such as CVEs) and various security-related subjects. The position requires proven experience in security nomenclature and understanding of both high-level and low-level attacks.
As an OSS Security Researcher in JFrog you will...
- Monitor published security advisories, malicious software, and novel attack/mitigation techniques
- Research code related to security advisories from various coding languages and technologies
- Research malicious software from various coding languages and technologies
- Define and implement ways to detect malicious code and vulnerable instances of known vulnerabilities
- Write technical reports regarding all research subjects mentioned above
To be an OSS Security Researcher in JFrog you need...
- Basic experience with non-binary code exploitation (ex. Pentesting backend environments or web applications)
- 1+ years of programming experience in Python programming
- Experience in writing technical reports
- Vulnerability research experience in any of the following languages: Python, Node.JS, Java, C
- Experience in binary reverse engineering - An advantage
- DevOps experience - An advantage