Security Research Engineer (Remote)

About the Company:

QwietAI is an innovative DevSecOps Security company with a mission of providing prevention solutions for our clients at the core of the problem: code.

We are a leading software security company specializing in Static Application Security Testing (SAST) and Software Composition Analysis (SCA). Our mission is to provide our clients with the highest level of security for their software applications, ensuring they are protected against the latest threats and vulnerabilities.

About the Role:

We are seeking a highly motivated Security Researcher to join our team and help us and our customers stay ahead of the latest cybersecurity threats. 

As a Security Research Engineer, you will be responsible for conducting research on emerging cybersecurity threats and related technology. You will also write security policies and other content to prevent and mitigate code vulnerabilities. Additionally, you will collaborate closely with our Data Science team to help train and evaluate our machine learning models and other AI related solutions.

Responsibilities:

• Conduct research on emerging cybersecurity threats and related technology
• Communicate research findings to the team and the broader security community
• Create and improve policies to prevent and mitigate security vulnerabilities in code
• Help review customers applications to make sure vulnerability findings, weaknesses, and other issues are captured accurately
• Develop new techniques and approaches to help customers improve their code security practices
• Collaborate with Data Science and other teams to develop innovate and easy to use solutions for our customers

Qualifications:

• Bachelor's degree in Computer Science, Software Engineering or a related field, or equivalent experience
• 2 years of code auditing experience in one or more languages: Java, C#, JavaScript, Go, Python, Swift, Kotlin, Ruby, TypeScript, C, C++, Rust, Objective-C, PHP or Scala
• A sophisticated understanding of OWASP's Top 10
• Knowledge of common vulnerability patterns
• Ability to identify patterns in vulnerabilities/vulnerability classes
• Demonstrable experience developing software in one or more programming languages: Java, C#, JavaScript, Go, Python, Swift, Kotlin, Ruby, TypeScript, C, C++, Rust, Objective-C, or Scala.
• Desire to learn new frameworks and languages
• Knowledge of static analysis
• Knowledge of compilers
• Strong problem-solving and analytical skills, as well as attention to detail
• Excellent communication and interpersonal skills to work collaboratively with team members
• Nice to have: published CVEs, certifications such as OSCP, familiarity with Code Property Graph

About Us

QwietAI helps AppSec teams empower developers to secure more code in less time. Our modern code analysis platform analyzes the flow of data through your application to all components in minutes, detects attackable vulnerabilities with a single scan, and prioritizes remediation efforts to build security into the DNA of every release and accelerate software delivery.

Our blog at https://qwiet.ai/blogs/ can give more insight into our approach and examples of how our technology can help businesses improve their security.