Senior Security Researcher

Remote Full-time
Looking for an innovative, high-growth, multi-award-winning company in one of the hottest segments of the security market? Look no further than Veracode!

Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-generated remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment.

Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.

Senior Security Researcher

We are seeking a Senior Security Researcher to join Veracode’s Applied Research Group. The Senior Security Researcher will lead research projects for improving the capabilities and quality of Veracode’s Static Application Security Testing (SAST). They will also conduct original security research to give back to the community and advance its knowledge.

What you will be responsible for:
• Conduct research to identify potential weaknesses and security vulnerabilities in C / C++ and C# / .NET applications as well as others as the need arises.
• Describe vulnerabilities and potential exploits, and produce proofs of concept and representative examples to aid engineering teams in building product capabilities
• Engage in binary and source static analysis/reverse-engineering of applications
• Conduct research to improve automation, accuracy, and efficiency of detection techniques and related systems, using both our own proprietary software as well as open-source tools.
• Contribute expertise to Veracode’s customer- and public-facing documentation to ensure information is current, accurate, and actionable
• Mentor and provide technical guidance to developers and researchers
• Actively participate in the software security community by attending and presenting at industry conferences, conducting and publishing original research, contributing articles to the Veracode blog and/or trade blogs and magazines, etc.

Required Skills:
• 2+ years of practical reverse-engineering or binary static-analysis experience, including familiarity with Abstract Syntax Trees (AST), reflection, or other code transformation approaches; compilers and associated tooling; and decompilers, disassemblers, and/or debuggers used in binary analysis
• 1+ years of practical application security experience, such as source code auditing, penetration testing, product assessment, vulnerability research
• The ability to enter a ā€œbreakerā€ mentality – Veracode is defensively-oriented, but our research requires an offensive mindset, including the ability to asses the attack surface of a piece of software.
• Prototyping ability – must be comfortable producing ā€œquick and dirty hacksā€ to demonstrate a concept or solve a one-off problem
• Strong professional skills:
• Attention to detail as part of a commitment to quality
• Analytical and organizational capability for advocating, planning, and executing projects independently
• Ability to understand technical and security issues from a customer points of view
• Strong written and verbal communication ability in English, especially technical writing for a developer audience

What we offer you:
• Outstanding Medical, Dental, and Vision Coverage to meet all your healthcare needs.
• Wellness benefits to help you focus on what’s most important.
• ā€œTake What You Needā€ time off policy.
• Extensive development and training offerings to help you grow your career at Veracode.
• Generous 401k match to help save for your future.
• Amazing community of professionals who take pride in what we do every day.

Compensation Transparency

In accordance with U.S. pay transparency laws, Veracode provides compensation transparency for roles based in the United States. Click here to view our compensation ranges by grade. Please note, specific compensation may be influenced by various factors including candidates experience, education, and work location.

Job Grade: Senior

Employment opportunities are available to all applicants without regard to race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Fraudulent Recruitment Alert - Be Aware and Stay Informed

At Veracode, we prioritize a secure recruitment process. Unfortunately, fake recruitment and job offer scams are on the rise. They aim to deceive candidates through emails and calls to obtain sensitive information.

Here’s our recruitment promise to you:
• Comprehensive Interview Process: We never extend job offers without a comprehensive interview process involving our recruitment team and hiring managers.
• Offer Communications: Our job offers are not sent solely through email, and we will never ask you to pay for your own hardware.
• Email Verification: Recruiting emails from Veracode will always originate from an ā€œ@veracode.com" email address.

If you have any doubts about the authenticity of an email, letter, or telephone communication claiming to be from Veracode, please reach out to us at [email protected] before taking any further action.

Apply Now

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Experienced Clinical Research Coordinator for Genetic Studies of Alzheimer's Disease and Related Dementias - Remote Opportunity with Travel Requirements

Remote

Program Manager, Sales Operations

Remote

Librarian for Japanese Collections job at Stanford University in Stanford, CA

Remote

Experienced Customer Support Specialist for Global Regulatory Technology Leader – Delivering Exceptional Client Experiences in a Fast-Paced SaaS Environment

Remote

Hybrid Veterinary Customer Service Representative (CSR)

Remote

Sr. Investment Services Analyst - Retirement Plans

Remote

RBT In Clinic

Remote

Online Learning and Instruction Librarian

Remote

Data Entry Specialist – careerzynith Remote E‑Commerce Product Management (Part‑Time, No Experience Required)

Remote

Business Strategy Principal

Remote
← Back