Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
The Vulnerability Analyst is responsible for performing security analysis of open source projects, facilitating the delivery of accurate and actionable security information. The successful candidate would be expected to engage with senior team members, assist with security research efforts and report to the Security Research Team Leads. This position will be based out of our Belfast, Northern Ireland office. Additionally, other duties may need to be carried out including, but is not limited to, quality review of vulnerability reports, development of internal tools and in-depth security research. These are dependent on performance and skills.
As a Vulnerability Analyst, your primary responsibilities are:
• Performing vulnerability analysis and documentation
• Engaging with senior security researchers
• Performing security research activities on both public and undisclosed vulnerabilities
Job Requirements:
• Degree in Computer Science / related field or proven willingness to learn
• Excellent written and oral communications skills
• Versatile and capable of working in a fast-paced agile environment
• Demonstrates initiative
• Excellent team collaboration
• Strong commitment to customers
• Understands the importance of strong processes and structured documentation
Skills & Experience:
• Awareness of Open Source, OWASP, networking concepts
• Understanding of existing threats & mitigation / remediation strategies
• Understanding of various operating systems and common applications
• Familiarity with security tools
• Understanding of detection & protection technologies (IDS/IPS/WAF)
• Demonstrates strong problem-solving abilities and can work independently
Desired Skills & Experience:
• Scripting experience (Various: Python /Perl/Java/Ruby etc)
• Understanding of various testing techniques including static & dynamic analysis, fuzzing
• Understanding of the Secure Development Lifecycle (security requirements, threat modelling, attack surface analysis)
Black Duck is an equal opportunity employer. We consider all applicants for employment without regard to race, color, national origin, religion, sex, gender identity or expression, age, disability, sexual orientation, veteran or military service status, or any other characteristic protected by applicable law. Black Duck complies with all applicable laws prohibiting employment discrimination in every jurisdiction where it operates and provides reasonable accommodations to individuals with disabilities in accordance with applicable law.
Skills Required
- Degree in Computer Science or related field
- Excellent written and oral communications skills
- Ability to work in a fast-paced agile environment
- Strong collaboration and problem-solving skills
Black Duck Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Black Duck and has not been reviewed or approved by Black Duck.
-
Healthcare Strength — Medical, dental, and vision coverage provide multiple plan choices with transparent costs, with carrier updates noted for 2026. Vision via VSP and dental plan options offer defined tiers and network access.
-
Retirement Support — Retirement programs include a 401(k) with company matching alongside an employee stock purchase plan with a discount and lookback. These features support longer‑term savings and wealth building.
-
Leave & Time Off Breadth — Exempt employees use a manager‑approved, no‑cap time‑off model, while non‑exempt employees accrue flexible time off alongside sick time. Paid leaves include parental and family care leave, with additional protections under applicable leave laws.
Black Duck Insights
What We Do
Organizations worldwide use Black Duck Software’s industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, London, Frankfurt, Hong Kong, Tokyo, Vancouver, Seoul & Beijing
Why Work With Us
We pride ourselves on cultivating an environment of collaboration, creativity, and fun! We know where you work can influence how you work, which is why our collaborative office space focuses on community and continuous learning. Our work-hard, play-hard attitude even got us named a Top Place to Work in Massachusetts by The Boston Globe!
Gallery
