Back to all jobs

Senior Security Analyst

Snyk

May 10

CLOUD THREAT INTEL SQL PYTHON JAVASCRIPT

We are looking for a curious, analytical, and detail-oriented Security Analyst to join our team and help us build the best DB of open source vulnerabilities out there.

Your Role

In modern software development, much of any project's code relies on open source packages. These are out there in the world, visible to anyone, and within that code there are vulnerabilities. As part of our team, you'll join us on our mission to continually improve our ability to find these open source vulnerabilities in a programmatic way.

You'll join our interdisciplinary team, alongside fully dedicated engineers focused on building tools that make your work more effective and have lots of opportunities to learn and grow. This role is particularly well-suited to help you develop a deep understanding of how code works, and over time you'll have the opportunity to work with just about every programming language.

You’ll spend your time:

  • Triaging and analysing potential vulnerabilities discovered within open-source dependencies
  • Further researching known vulnerabilities to determine characteristics such as severity and exploitability
  • Using research to verify or disqualify potential vulnerabilities
  • Using data analyst techniques to answer research questions about vulnerabilities, and general threat intelligence trends
  • Developing and testing theories and hypotheses around new areas that Snyk tackles
  • Exploring and establishing the new abilities we need to develop our product to further achieve our mission
  • Training machine learning models to find where vulnerabilities are most likely to exist, using a combination of our unique database of verified known vulns; information about how the open source community operates; and the static code itself

You should apply if you:

  • You're comfortable working with large datasets (we mainly use BigQuery, PostgreSQL, Looker)
  • You have a passion for security and an interest in the problem space
  • You’ve triaged and analysed data before and you have experience using statistical tools to help answer research questions
  • You love to automate your work, by writing your own scripts (we use Python and JavaScript)
  • You love learning new techniques and getting experience in new fields

We’d especially love to hear from you if you:

  • You have worked with researchers before, ideally in the security space or have conducted security research yourself
  • You have experience PoCing vulnerabilities and dealing with vulnerability disclosures
  • You have worked closely with Data Scientists in the past and have experience working with ML

About Snyk

Snyk is the leader in developer security. We empower the world's developers to build secure applications and equip security teams to meet the demands of the digital world. Our developer-first approach ensures organizations can secure all of the critical components of their applications from code to cloud, leading to increased developer productivity, revenue growth, customer satisfaction, cost savings and an overall improved security posture. 

At Snyk, we envision an inclusive technology industry powering a more sustainable and secure world. Since our founding, Snykers have cared deeply for one another and the developer and security communities as well as the larger world around us. Learn more about our Snyk Impact social and environmental mission and take action with us here.

Snyk's Developer Security Platform automatically integrates with a developer's workflow and is purpose-built for security teams to collaborate with their development teams. Snyk is used by 1,200 customers worldwide today, including industry leaders such as Asurion, Google, Intuit, MongoDB, New Relic, Revolut and Salesforce.

Snyk is recognized on the Forbes Cloud 100 2021, the 2021 CNBC Disruptor 50 and was named a Visionary in the 2021 Gartner Magic Quadrant for AST.

Apply