Every day, the world gets more digital thanks to tens of millions of developers building the future faster than ever. But with exponential growth comes exponential risk, as outnumbered security teams struggle to secure mountains of code. This is where Snyk (pronounced “sneak”) comes in. Snyk is a developer security platform that makes it easy for development teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and cloud infrastructure — and do it all right from the start. Snyk is on a mission to make the world a more secure place by empowering developers to develop fast and stay secure.
We are looking for a curious, analytical and detail-oriented Security Analyst to join our team and help us uncover unknown vulnerabilities that exist in open source.
In modern software development, much of any project's code relies on open source packages. These are out there in the world, visible for anyone, and within that code there are vulnerabilities. As part of our security team, you'll join us on our mission to continually improve our ability to find these open source vulnerabilities in a programmatic way.
You'll join our interdisciplinary security team, alongside fully dedicated engineers focussed on building tools that make your work more effective and have lots of opportunities to learn and grow. This role is particularly well-suited to help you develop a deep understanding of how code works, and over time you'll have the opportunity to work with just about every programming language. You can read here in-depth about the way the team works and builds out the leading open source security database.
You’ll Spend Your Time:
- Triaging and analysing potential vulnerabilities discovered within open-source dependencies
- Further researching known vulnerabilities to determine characteristics such as severity and exploitability
- Using research to verify or disqualify potential vulnerabilities
- Using data analyst techniques to answer research questions about vulnerabilities, and general threat intelligence trends
- Developing and testing theories and hypotheses around new areas that Snyk tackles
- Exploring and establishing the new abilities we need to develop our product to further achieve our mission
What You’ll Need:
- Experience working with large datasets (we use BigQuery; ideally you'll have used one of BigQuery, elasticsearch, kibana, hadoop etc.)
- A passion for security and an interest in the problem space
- Experience triaging and analysing data before using techniques and tools such as pandas and jupyter
- Experience using statistical tools to help answer research questions
- Previous experience working with open source codebases
We’d be Lucky if You:
- You have worked with researchers before, ideally in the security space or have conducted security research yourself
- You have experience PoCing vulnerabilities and dealing with vulnerability disclosures
- You have worked closely with Data Scientists in the past and have experience working with ML
We care deeply about the warm, inclusive environment we’ve created and we value diversity – we welcome applications from those typically underrepresented in tech. If you like the sound of this role but are not totally sure whether you’re the right person, do apply anyway!
Snyk is committed to creating an inclusive and engaging environment where our employees can thrive as we rally behind our common mission to make the digital world a safer place. From Snyk employee resource groups, to global benefits that help our employees prioritize their health, wellness, financial security, and a work/life blend, we aim to support our employees along their entire journeys here at Snyk.
Benefits & Programs
Prioritize health, wellness, financial security, and life balance with programs tailored to your location and role.
- Flexible working hours, work-from home allowances, in-office perks, and time off for learning and self development
- Generous vacation and wellness time off, country-specific holidays, and 100% paid parental leave for all caregivers
- Health benefits, employee assistance plans, and annual wellness allowance
- Country-specific life insurance, disability benefits, and retirement/pension programs, plus mobile phone and education allowances
Something looks off?