At Contrast Security, we’re redefining how organizations protect their software at the speed of modern development. With industry-leading Application Detection and Response (ADR), we give teams the power to detect, stop and fix real threats in real time. If you're passionate about building smarter, faster, more effective security, you’ll fit right in.
We’re looking for sharp minds, fearless builders, and problem-solvers who thrive on turning complex challenges into innovative solutions.
About the Position
Our Application Security Research team is hyper-focused on vulnerability and threat research affecting the world's software ecosystem to deliver world-class runtime application security products. He or she will maintain the fidelity of research and findings in our real-time security intelligence platform. This research can involve testing emerging vulnerabilities and novel research, both of which will be used to develop Contrast’s runtime capabilities further. This role will work closely with product and engineering functions to creatively solve complex problems in the world of application security. In addition to product development functions, this position will present opportunities to contribute original research for publication on company blogs, papers, and conference presentations.
Responsibilities
Conduct basic and applied research on important and challenging problems in application security to creatively improve and innovate runtime products
Help define and drive research projects, either on your own or in collaboration with others on the team
Engage with Contrast’s product teams and customers to promote and seek out new research initiatives
Support the gathering of language, library, license, and application security research
Process emerging threats, such as evaluating externally found CVEs and risks
Development and presentation of content associated with security research through conference speaking and/or blogging
Provide tier-3 support for reported incidents and escalation of security findings review
Provide mentorship and direction to the team
Qualifications
Software background in Java and .NET (plus if you have experience with NodeJS, Python, and Ruby.)
Able to develop purposefully vulnerable applications and exploit them
Understand the OWASP Top 10 and SANS/CWE Top 25
Experience with ethical hacking and vulnerability management reporting
Knowledge of cloud hosting environments (AWS, Azure, GCP, OCI, etc.)
You have strong communication skills
You ask questions, let others know when you need help, and tell others what you need
5+ years of experience in industry application security research, pen-testing, consulting, or direct application
You have a hacker’s curiosity blended with an engineer’s problem-solving
Please include a link to your Github or BitBucket account and any links to some of your projects, if available
We are focused on building a diverse and inclusive workforce. If you’re excited about this role, but do not meet 100% of the qualifications listed above, we encourage you to apply.
We're transforming the way the world secures software. If you're ready to make a real impact, thrive in a fast-paced environment, and grow alongside a team of passionate professionals, we’d love to hear from you.
Apply today and help us shape the future of application security.
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
Support clinical applications and enhance patient care as an Informatics Applications Analyst at Children’s Mercy, a nationally recognized pediatric hospital.
Link Solutions is seeking a skilled Database Administrator to manage and maintain mission-critical databases onsite in Adelphi, MD.
AHEAD is seeking a detail-oriented Computer System Diagnostics Specialist to diagnose and repair computer hardware components in support of enterprise digital transformation.
Experienced technology leader needed to head digital innovation as Chief Technology Officer at a market-leading custom homebuilder.
Experienced Senior Cloud Network Engineer needed at T-Rex Solutions to design and support cloud network infrastructures for the US Department of Education.
Serve as a key business systems analyst at Community Health System, driving complex system enhancements and acting as a subject matter expert within a dynamic healthcare IT environment.
Experienced senior penetration tester wanted to join Bishop Fox’s remote US team to enhance cloud and application security for high-profile clients.
Support critical network infrastructure and automate solutions as a Network Operations Engineer at GE Aerospace.
Experienced DevOps Engineer needed at Altium to drive cloud infrastructure excellence and automation in a collaborative, innovative tech environment.
Experienced Senior Network Engineer sought to manage and enhance network infrastructure for GDIT's DCGS program at Langley AFB.
Lead strategic and technical efforts in digital capability management and enterprise data storage integration at Bristol Myers Squibb.
Contribute to federal IT security as a Cyber Security Analyst at the Government Publishing Office, supporting threat response and zero trust principles.
EAC is seeking a technically skilled Solution Architect to lead the design and deployment of innovative PLM solutions in a fully remote role.
To Finally Make All Software Secure.
3 jobs