Senior Cybersecurity Researcher
Marketing
Paris - France
hybrid Remote

This position is based in Paris, France.

Context

GitGuardian is a global pre-Series C cybersecurity startup.

Among our early investors who saw our market value proposition are the co-founder of GitHub, Scott Chacon, along with Solomon Hykes, Docker co-founder. American and European top-tier VC firms have also invested in GitGuardian.

GitGuardian teams have developed a source code security platform for the DevOps generation. Our solutions are already used by more than 400K developers worldwide!

We are seeking a highly skilled and motivated senior security researcher to join our team, focusing on addressing security challenges related to code and application security.

Innovating in our field and showing deep expertise in cybersecurity topics are key to our success; your work will matter and will be advertised externally.

Mission

As a cyber security researcher, you will conduct technical research, and run experiments. You are also expected to participate in the larger security community through blog posts, research papers and participation in industry conferences.

This role involves staying up-to-date with the latest code security trends and techniques, as well as working closely with our development and product teams to design new security features and with our marketing team to develop technical long-form content.

Here are the main projects you would work on for the year to come:

  • Researching and publishing on topics related to code security, providing technical expertise to other R&D teams, developing tools to support analysts in their day-to-day duties, and collecting technical artifacts about adversary activity.
  • Analyzing, researching, and delving deep into the vast amount of data gathered by GitGuardian, technologies, tools, and products, existing and emerging, to understand how they work and how they can be utilized to build new solutions to user problems.
  • Reproduce emerging vulnerabilities and provide actionable technical information.
  • Author blog posts, research papers and conference presentations on topics and research in your area of expertise.
  • Analyze our different datasets to extract insights that can be shared with the community.

Some of the research fields would include:

Secrets Leakage Analysis: Analyze historical code repositories to identify instances where secrets have been inadvertently leaked or exposed. This could involve conducting forensic analysis of code commits, finding patterns, big leaks and potential attack surfaces.

Vulnerability Research: Identify and analyze vulnerabilities in software code, libraries, and frameworks. This includes both known vulnerabilities (CVEs) and zero-day vulnerabilities.

Threat Intelligence: Research emerging threats, attack vectors, and adversary tactics to stay ahead of potential security risks. This includes monitoring underground forums, analyzing threat actor behavior, and tracking new malware campaigns.

Supply Chain Security: Investigate supply chain attacks and vulnerabilities within third-party components, dependencies, or libraries used in software development.


    Requirements

    If you think you match at least 70% of these criteria, please apply!

    • 5+ years experience working in a security engineer role (Application Security, Security Operations, Security Development), with 2+ years of those dedicated to research-related work.
    • Experience in bug bounty, pentesting or red teaming is a must.
    • Keen eye for identifying complex security problems in software and/or infrastructure, and defining their solutions.
    • Ability to rapidly prototype ideas.
    • Proficiency in a scripting language (Python or Go).
    • Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.

    Benefits

      • 💰 Package that includes stock-options
      • 🍜 Lunch voucher (Swile)
      • 💻 Up to €300 to improve your home office set-up
      • 🌴 Yearly holiday allowance
      • 🤝 Referral bonus of 4000€ for any new Guardian we might hire thanks to you
      • 🎡 Team building: monthly activities for the whole company + dedicated quarterly budget for every employee
      • 🐕 Pet-friendly offices, some Guardians get to bring their dogs from time to time

    And also...

    • 🚀 Becoming the first Security Researcher of the team, with opportunities for career development in the long term
    • 👊 Working on a meaningful product; we've already helped more than 400k developers across the globe
    • 📈 A robust engineering culture, discover our R&D projects
    • 👫 Trust & autonomy on your perimeter with a very transparent internal communication and a strong impact on the company development

    Recruitment process

    1. Video call with a Talent Acquisition team member

    To discover your professional projects and evaluate if there could be a mutual match.

    2. Interview with Carole (CMO)

    To know more about yourself and your writing / publication achievements, and present the team to you.

    3. Interview with an Engineering and Security team member

    To dig into your technical expertise in the security and development field.

    4. Final interview with Eric (CEO, co-founder)

    To dig into your product understanding and detail our company’s vision and ambitions for the next couple of years. 

    Curious to know more about us?

    Products

    • Want to go even further? Check out our public roadmap!
    • Check out the State of Secrets Sprawl Report to understand our mission and the industry.
    • Mackenzie (DevRel) will tell you about how GitGuardian works in this video!
    • Our solutions are already used by hundreds of thousands of developers in all industries and the GitGuardian platform is the n°1 security app on the GitHub marketplace 🔥

    Clients

    • GitGuardian helps organizations find exposed sensitive information that could often lead to tens of millions of dollars in potential damage.
    • More than 80% of our customers are in the United States.
    • Many F500 companies use GitGuardian's platform.

    People

    • The Guardians are knowledgeable, committed, serious, aligned with the company’s mission, and true team players: always willing to help each other grow our skill sets!
    • The team is diverse and we hail from more than 20 different countries.
    • We are also agile, remote-friendly, and fun people to work with.

     

    GitGuardian is an equal opportunity employer committed to encouraging and celebrating its diverse and inclusive workforce. We’re building an employee experience that includes appreciation, belonging, growth, and purpose for everyone.

    We welcome all without regard to age, race, color, religion, gender identity and expression, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, citizenship, national origin, disability, military status, veteran status, political affiliation, or any other protected characteristics. All aspects of employment will be solely based on merit and qualifications related to professional competence. GitGuardian operates on a principle of mutual respect and acceptance, and every employee must follow GitGuardian's anti-harassment and anti-discrimination company policies.


    Glassdoor

    We invite you to have a look at our Glassdoor profile for transparent reviews from our previous and current employees.

    • Very pleased

      Very dynamic company, and very friendly team. The technical level is quite high which is very stimulating. Open for remote work!

    • Great spirit in a dynamic company

      GitGuardian has a deep technical DNA. The culture is very much oriented towards knowledge sharing. The environment is sound: big ambitions without pressure from the top management.

    • Good company to work for!

      Good projects with technical challenge, career progression, good salary.

    • Great place to work

      Application Security is exciting. Our products are really useful and customers love them. Great leadership. Competitive OTE, workplace flexibility and cool gatherings.
