Veracode Careers

Employment at Veracode

As the leader for on-demand application security testing solutions, Veracode is dedicated to building a great team that will help us achieve our aggressive growth plans. Learn more about why we are attracting the industry’s top talent to stay at the leading edge of security innovation.

Careers

Senior Security Researcher

The Senior Security Researcher will work with the Veracode Research Lab on applied research projects designed to incorporate security intelligence into Veracode’s analysis service. The Senior Security Researcher will also be expected to demonstrate public-facing security thought leadership and to provide strategic and tactical input to company direction and priorities.

Responsibilities:
  • Research the vulnerabilities commonly created in software when using common frameworks, languages, libraries, and platforms
  • Create rules, attack patterns, and test cases to communicate vulnerability detection techniques to engineering
  • Expand Veracode’s backdoor taxonomy by researching backdoors that have been discovered and hypothesize additional backdoor techniques; communicate detection techniques to engineering
  • Perform software security research to discover new classes of vulnerabilities and new detection techniques
  • Follow research and trends in the software security field and inform product management and engineering to improve software security analysis techniques
  • Assess Veracode’s security analysis capabilities against available manual and automated techniques
  • Conduct directed internal research projects aimed at improving automation, accuracy, and efficiency of the analysis engine or providing other quantifiable benefit to Veracode service offerings
  • Demonstrate Veracode’s application security expertise through public-facing activities such as contributing to the Veracode blog, attending or presenting at security conferences, or authoring whitepapers
  • Contribute reusable content to the Veracode platform to ensure it remains current and provides customers with accurate and actionable information
  • Provide mentoring and technical guidance to Security Analysts and Security Researchers
Requirements:
  • 5+ years of practical application security work experience, preferably including security code review, application penetration testing, COTS assessments, and vulnerability research; experience in automated static analysis a plus
  • Familiarity with C/C++, Java and C#; commercial development experience not required
  • Excellent attention to detail, quality, and customer satisfaction
  • Strong analytical, organizational, and technical writing skill
  • Self-motivated, results driven, and able to work effectively in a startup/team environment
  • B.S. in Computer Science or equivalent

We offer 3 weeks vacation, medical and dental coverage, stock options, 401K, life insurance, on-premises fitness facility, and flexible spending account. To apply, email your resume, brief cover letter, and salary requirements to HR at This e-mail address is being protected from spam bots, you need JavaScript enabled to view it Please include the job code CW003 in the subject line.