Every day, the world gets more digital thanks to tens of millions of developers building the future faster than ever. But with exponential growth comes exponential risk, as outnumbered security teams struggle to secure mountains of code. This is where Snyk (pronounced “sneak”) comes in. Snyk is a developer security platform that makes it easy for development teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and cloud infrastructure — and do it all right from the start. Snyk is on a mission to make the world a more secure place by empowering developers to develop fast and stay secure.
Joining Snyk means embracing our core values: One Team, Care Deeply, Customer Centric, and Forward Thinking. As a member of our team, you’ll have the opportunity to thrive in a dynamic environment where fostering collaboration, leading with empathy, driving business impact, and inspiring trust are at the heart of everything we do.
Our Opportunity
We’re looking for an Associate Security Researcher to join Snyk’s Hunter team and take part in research-led work developing the rules for the Snyk Code SAST engine. We regularly look at new and emerging languages, technologies and frameworks to better model the source code we analyse for our customers, helping them identify potential security vulnerabilities before their code reaches production.
You’ll Spend Your Time:
- Writing security rules to detect known and unknown vulnerabilities using a proprietary language and built-for-purpose tooling.
- Working closely with other teams involved in Snyk Code related to Program Analysis and Machine Learning
- Learning the mechanics of a programming language or a framework, including looking at best practices and common vulnerable patterns.
- Dealing with customer issues i.e. resolving false positive or false negative issues, to help cement our position as the most accurate tool in the market.
- Taking part in independent research projects on research days and on a rotational basis.
- Writing blog posts about the research projects, i.e: https://snyk.io/blog/finding-yaml-injection-with-snyk-code/, https://snyk.io/blog/the-dangers-of-setattr-avoiding-mass-assignment/
- Performing exploratory research in order to better understand potential gaps in the system, or guide our way towards implementation of features.
- Writing company blog posts about your work and accomplishments, and to deliver presentations to the technical community both inside of Snyk and externally
- Presenting your research at security working groups, conferences, and in publications.
What You’ll Need:
- Proficiency with at least one high level programming language (such as Python, Javascript, Java, C#, Go) and an excitement for learning and diving into unfamiliar programming languages.
- Experience taking part in CTF’s, bug-bounty programs or similar.
- Enjoyment in hunting for security vulnerabilities through the wilds of open source software security.
- Interest in learning about the mechanics and inner workings of a language or a framework.
- Strong communication skills in English, spoken and written.
We’d be Lucky if You:
- Have experience as a security analyst or researcher
#LI-GH1
We care deeply about the warm, inclusive environment we’ve created and we value diversity – we welcome applications from those typically underrepresented in tech. If you like the sound of this role but are not totally sure whether you’re the right person, do apply anyway!
About Snyk
Snyk is committed to creating an inclusive and engaging environment where our employees can thrive as we rally behind our common mission to make the digital world a safer place. From Snyk employee resource groups, to global benefits that help our employees prioritize their health, wellness, financial security, and a work/life blend, we aim to support our employees along their entire journeys here at Snyk.
Prioritize health, wellness, financial security, and life balance with programs tailored to your location and role.
- Flexible working hours, work-from home allowances, in-office perks, and time off for learning and self development
- Generous vacation and wellness time off, country-specific holidays, and 100% paid parental leave for all caregivers
- Health benefits, employee assistance plans, and annual wellness allowance
- Country-specific life insurance, disability benefits, and retirement/pension programs, plus mobile phone and education allowances
Top Skills
What We Do
Snyk leads the category of developer security, whereby development, security, and operations teams effectively collaborate to integrate security throughout the entire software development lifecycle. This approach has disrupted the legacy cybersecurity market, transitioning the industry away from slow, burdensome cybersecurity approaches.
Snyk is the trusted partner of the world’s most innovative enterprises for modern application security, empowering every organization to develop fast and stay secure. We leverage AI-powered security intelligence and automation to reliably secure code from the start—extending the unique shift-left security they pioneered, to built-in governance and holistic risk management—so that companies can unite development and AppSec teams to unleash developer productivity, reduce risk, and accelerate software delivery as they embrace DevOps, cloud, and now AI.
The only way to deliver secure applications at the speed of modern, AI-powered development is to bring security and developers together. This means giving developers real-time security tools that integrate directly into their existing tools and workflows, and giving security teams the controls and insights to view applications holistically. When security becomes a seamlessly integrated part of the development lifecycle, applications can be delivered quickly and securely.
Why Work With Us
Joining Snyk means embracing our core values: One Team, Care Deeply, Customer Centric, and Forward Thinking. As a member of our team, you’ll have the opportunity to thrive in a dynamic environment where fostering collaboration, leading with empathy, driving business impact, and inspiring trust are at the heart of everything we do.
Gallery
.jpeg)
Snyk Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
