We are looking for a curious, analytical and detail-oriented analyst to join our team and help us uncover unknown vulnerabilities that exist in open source.
The use of open source software is booming: technology is integral to almost every facet of our lives, and almost all software developers rely on open source components, but security is a key concern. Our product enables developers to continuously find & fix vulnerable dependencies, without slowing down development.
We’re proud of our industry-leading vulnerability database - it is the engine that powers our products. As part of our security team you’ll focus on growing and improving our knowledge of the vulnerabilities that exist in open source software.
In modern software development, much of any project’s code relies on open source packages. These are out there in the world, visible for anyone, and within that code there are vulnerabilities. As part of our security team, you’ll join us on our mission to continually improve our ability to find these open source vulnerabilities in a programmatic way.
You’ll spend your time:
You should apply if:
We’d especially love to hear from you if you:
Please apply below! We care deeply about the warm, inclusive environment we’ve created and we value diversity - we welcome applications from those typically underrepresented in tech. If you like the sound of this role, but are not totally sure whether you’re the right person, do apply anyway :)
We are very happy to help you learn if you don't have previous experience with all of the subjects listed here - we believe curiosity, communication, and the ability to learn are most important.
Want to learn more about the role?
Read about the team’s mission and methodologies
Read about our open source vulnerability disclosure program
Read an example of how we find and disclose vulnerabilities
Snyk’s mission is to help developers use open source code and stay secure.
The use of open source is booming, but security is a key concern (https://snyk.io/stateofossecurity/). Snyk’s unique product enables developers and enterprise security teams to continuously find & fix vulnerable dependencies without slowing down, offering seamless integration into Dev, DevOps and DevSecOps workflows. We care deeply about the quality and usefulness of the tools we develop, always focusing on our customers and users.
We are experiencing rapid growth - and we want you to join us! By September 2020, Snyk was already adopted by over 1.5M developers, including multiple enterprise customers (such as Google, New Relic, ASOS and others). Our September 2020 Series D funding round of $200M has put us at over $2.5Billion company valuation.
We believe open source software is a force for good, and we’re building Snyk to make it easier for developers who aren’t security experts to stay secure.