our group seeks an experienced, detail-oriented Application Security Analyst to join our team in Israel. Your role will include an in-depth understanding of vulnerabilities and how they occur in the code, from open-source libraries to proprietary code, and involvement with the whole security research group. On one hand, you will get familiar with our family of security products, such as SAST, DAST, SCA, SCS, and others. On the other hand, your work can include some scripting tasks for automating and improving processes, researching and supporting the development of new Product features, identifying 0-day vulnerabilities, and keeping up-to-date with the latest Application Security trends.
Apart from the Security Research group, you will collaborate with multiple Teams, including Product Management, R&D, and many others.
If you are passionate about security and enthusiastic about product-related matters and technical management, we are looking for you!
How will you make an impact?
Assist the SCA analysts in conducting vulnerability analysis of known open-source software vulnerabilities to identify affected libraries and other elements, such as the affected vulnerable code.
Analyze code containing various security risks & vulnerabilities written in multiple languages/frameworks.
Analyze results produced by Checkmarks AST solutions that can include SAST, DAST, IaC, and other engines.
Supervise the technical components and collaborate with the required teams.
Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements
Research ways to improve internal processes and promote relevant Product features.
Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics.
Develop Python scripts and tools for research purposes and automation.
Requirements: Passionate about security and keen on growing in the security field.
1-2 years of experience as an analyst.
1-2 years of experience in a similar role in the security field.
Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices.
Have a deep understanding of the OWASP To 10.
Experience with Python scripting/programming.
Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently.
Basic experience in conducting security research, bug bounties, and Pentesting.
Optional: Knowledge in Observability/Monitoring tools such as Elastic, Kibana, Power BI, etc.
Excellent writing and oral presentation skills in English.
Ability to handle multiple requests and work in a fast-paced environment.
Excellent organizational, interpersonal, and communication skills. The ability to innovate, think creatively, and pay close attention to details is essential in this position.
Customer-oriented mindset and driven by innovation.
A degree or certification in a relevant field an advantage.
This position is open to all candidates.