Security Researcher

Senior level
Full time

As a Security Researcher, you will be a crucial part of our core research team, getting the chance to​​ influence the design and build of Oxeye's solution of Oxeye. Working with a talented and agile team, you will have the opportunity to grow with us and make an impact.

About Oxeye

Oxeye is a young, well-funded early-stage startup in the growing cloud native application security market. We enable customers to identify and resolve the most critical code vulnerabilities as an integral part of the software development lifecycle, disrupting traditional application security testing (AST) approaches by offering a contextual, effortless, and comprehensive solution that ensures no vulnerable code ever reaches production.

About the position

We are looking for an experienced and passionate Security Researcher with proven credentials in web application security and cloud native environments.

Our ideal candidate will be able to detect and exploit web applications and cloud native vulnerabilities, along with researching novel detection methods. Furthermore, we are looking for a candidate that will be able to demonstrate and communicate their achievements in presentations, conferences, and blog posts.

What you'll be doing

  • Research new attack vectors with regards to cloud infrastructure, applications, and discover detection methods
  • Perform analysis of the existing vulnerabilities and break them apart
  • Driving forward our detection algorithms, by presenting new attack techniques
  • Analyze different security facets of multiple programming languages and technologies
  • Conduct novel research and identifying techniques to exploit and detect threats in cloud native environment 
  • Writing blog posts and presenting publicly some of our research findings

You Should Apply If

  • 4+ years of experience in application security research, specifically web application penetration testing, secure development, security code review, or other similar fields
  • At least 2  years of experience in cloud security (AWS/Azure/GCP)
  • Proficient with application security, deep understanding of security concepts, vulnerabilities, mitigations, and coding practices
  • Strong coding skills with both interpreted and compiled languages and the ability to learn new programming languages and technologies independently
  • Proven presentation skills and client-facing experience, including the ability to document and explain technical information in a concise, understandable manner
  • Deep knowledge of offensive AppSec techniques and the OWASP Top 10
  • Track record of vulnerability findings in bug bounties or prior roles
  • Openness to learning, lots of creativity, and a desire to solve tough problems
  • Team player approach

Oxeye has a positive, diverse, and supportive culture — we look for people who are inventors, builders, learners, and team players. So, even if your background partially meets the description but, our culture ring true for you we still encourage you to apply and tell us why your skills and values could be an asset to us.

Fill the form to apply for this position

Upload failed. Max size for files is 10 MB.
Apply now
Thank you for applying!
your submission has been received.
Return to website
Oops! Something went wrong while submitting the form.