Vulnerability Research Engineer

An overview of this role You'll be at the forefront of our R&D efforts within our Engineering department in this role. You’ll be expected to focus on improving GitLab’s security detection capabilities in our Application Security Testing stage groups. This includes SAST, DAST, Secret Detection and Composition Analysis, and future products. Vulnerability Research Engineers perform research to analyze software vulnerabilities, exploitation methods, track new vectors, discover novel methods and approaches in software security, and apply this knowledge to the security products and GitLab itself.

Responsibilities

• Carry out research and come up with proofs of concepts affecting security products
• Curate advisory databases for dependency scanning
• Build benchmarks to test scanning products efficacy
• Write detailed technical reports
• Respond to customer inquiries on vulnerabilities

Requirements & Qualifications

• 3+ years of experience in vulnerability detection
• Knowledge of vulnerability management process
• Experience with source code analysis, SAST, and DAST
• Experience in product development
• Passion for security and open source