At Contrast Security, we’re redefining how organizations protect their software at the speed of modern development. With industry-leading Application Detection and Response (ADR), we give teams the power to detect, stop and fix real threats in real time. If you're passionate about building smarter, faster, more effective security, you’ll fit right in.
We’re looking for sharp minds, fearless builders, and problem-solvers who thrive on turning complex challenges into innovative solutions.
About the Position
Our Application Security Research team is hyper-focused on vulnerability and threat research affecting the world's software ecosystem to deliver world-class runtime application security products. He or she will maintain the fidelity of research and findings in our real-time security intelligence platform. This research can involve testing emerging vulnerabilities and novel research, both of which will be used to develop Contrast’s runtime capabilities further. This role will work closely with product and engineering functions to creatively solve complex problems in the world of application security. In addition to product development functions, this position will present opportunities to contribute original research for publication on company blogs, papers, and conference presentations.
Responsibilities
Conduct basic and applied research on important and challenging problems in application security to creatively improve and innovate runtime products
Help define and drive research projects, either on your own or in collaboration with others on the team
Engage with Contrast’s product teams and customers to promote and seek out new research initiatives
Support the gathering of language, library, license, and application security research
Process emerging threats, such as evaluating externally found CVEs and risks
Development and presentation of content associated with security research through conference speaking and/or blogging
Provide tier-3 support for reported incidents and escalation of security findings review
Provide mentorship and direction to the team
Qualifications
Software background in Java and .NET (plus if you have experience with NodeJS, Python, and Ruby.)
Able to develop purposefully vulnerable applications and exploit them
Understand the OWASP Top 10 and SANS/CWE Top 25
Experience with ethical hacking and vulnerability management reporting
Knowledge of cloud hosting environments (AWS, Azure, GCP, OCI, etc.)
You have strong communication skills
You ask questions, let others know when you need help, and tell others what you need
5+ years of experience in industry application security research, pen-testing, consulting, or direct application
You have a hacker’s curiosity blended with an engineer’s problem-solving
Please include a link to your Github or BitBucket account and any links to some of your projects, if available
We are focused on building a diverse and inclusive workforce. If you’re excited about this role, but do not meet 100% of the qualifications listed above, we encourage you to apply.
We're transforming the way the world secures software. If you're ready to make a real impact, thrive in a fast-paced environment, and grow alongside a team of passionate professionals, we’d love to hear from you.
Apply today and help us shape the future of application security.
Loading similar jobs...
Discover fully remote job opportunities in the United States at USA Remote Jobs. Apply for roles like Software Developer, Customer Service Specialist, Project Manager, and more!