Security Researcher - Knowledge Base (Armenia) - Azul Yerevan Bookmark Share Print 162 0 0

Listing Description

Millions of Java developers and the world’s top businesses trust Azul to power their applications. We are growing fast and need determined, innovative and energetic contributors who want to make an impact today!
At Azul we emphasize empowerment, enablement and collaboration designed to foster speed of decision making and creative approaches to driving customer value. We are distributed across the world and offer the flexibility of working from home as well as the structure of an office environment that focuses on employee wellness and opportunities for professional growth.
Azul continues to grow and we are actively interviewing Java Software Engineers to work with us on developing Azul Intelligence Cloud.
This SaaS product connects millions of JVM runtimes, collects and aggregates detailed information from them, analyzes code use, detects vulnerabilities and provides code inventory.

What you'll do
  • The Security Researcher will understand a wide variety of security vulnerabilities, across various environments and data sources, figure out which libraries are related to each of the reported vulnerabilities and will be able to integrate findings into actionable data artifacts as part of the Knowledge Base team.
  • The researcher will act across various domains, capable of understanding and building data flows, automation and processes aimed at continuous improvement of our proprietary knowledge base.
  • We expect you to lead professional discussion about the architecture and technological future of our product and its newly designed functionalities. Working as a team is important for us and your opinion matters!

  • We are looking for a person who
  • Has 5+ years of working experience in the information security or development ops industry.
  • Has experience with data pipelines and data mining.
  • Has positive energy and enjoys communication with others.
  • Holds BS/MS degree in Computer Science, Engineering, Mathematics or a related field or equivalent experience.
  • Is able to collaborate with and motivate multiple groups toward accomplishing a task.
  • Familiar with modern SDLC practices, cloud-based architecture, and deployment patterns including technologies such as git, CI/CD pipelines (GitHub, GitLab), Docker, Kubernetes, AWS, Azure, etc.
  • Proficiency in using security research tools and databases (e.g., NVD, MITRE, CVE Details)
  • Familiarity with the world of Java vulnerabilities is a plus.
  • Some programming knowledge is a great plus.
  • Relevant certifications such as CISSP, CEH, or OSCP are a plus

  • Key responsibilities
  • Be responsible for vulnerability and component data quality.
  • Provide input and guidance on data flows, automation, development, and functional requirements for knowledge mining. Create a data verification flow for components and vulnerabilities.
  • Triage and correlate CPEs, CVEs, and other common security defects.
  • Integrate security findings from various areas into data artifacts.
  • Regularly audit and review database entries to ensure ongoing relevance and correctness.
  • Investigate, understand, and contextualize a wide array of vulnerabilities and be able to explain them at a technical depth appropriate to the audience.
  • Work with different resources, repositories like Maven, GitHub and analyze data knowledge sources like Snyk, VulDB, OSV, CVEDetails, etc.
  • Assess the severity and potential impact of newly discovered vulnerabilities. Define the SLA for processes on different levels.

  • What we offer
  • Comprehensive compensation and healthcare packages
  • Equity Program – be part of our success
  • Referral Program
  • Work-life balance, remote-first, paid time off, company shutdown, holidays
  • Work with top experts worldwide who contribute to the Java ecosystem

  • Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Starfish Logo

    A Starfish Partners Company

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765