The Senior Security Researcher will investigate and analyze vulnerabilities in open-source software. Sonatype is looking for a passionate, driven and talented developer to provide high-quality security data from researching software vulnerabilities. This is not a development position but relies on development experience to help navigate complex architectures and threat vectors in open-source software. This high-quality security data ensures that our customers are getting maximum value out of our products making them feel like they are part of the Sonatype family. If you are a positive-thinker and problem-solver and believe that customer success and company success go hand-in-hand, this is a great job for you. This position will provide a valuable learning opportunity with the great potential to grow your newly started career in cyber-security. Enjoy your job as you work in a fast-paced, flexible, and fun environment, with talented, diverse, and forward-thinking individuals. Key Areas of Focus



Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software



Document attack capabilities



Provide detection and remediation guidance



Aid in ideas and prototypes for new tooling



Collaborate with other team members toward shared product goals



Improve Sonatype products by providing valuable security data



Work with technology and business team members to define and refine requirements in an agile development environment



Required Background



5+ years of experience in application security or development experience in Java, C#, Python, JavaScript, C/C++ or Ruby



Excellent oral and written communication skills



Excellent organizational skills and detail-oriented



Ability to work independently and as part of a team



Desired Background