Associate Security Researcher

Published: today
Avatar for Sonatype


Release faster. automate open source security

Job Location

Job Type

Full Time

Visa Sponsorship

Not Available

Hires remotely




The Role

Sonatype is the software supply chain management company. We're on a mission to change how the world innovates by making software development easier. From running the world's largest repository of Java open-source components (Maven Central) to inventing componentized software development and then software supply chain management to creating the only solution that stops malicious open-source malware in its tracks, we're constantly leading the industry while helping thousands of customers manage open source every day.

Already used by 15 million developers, we have lofty goals for our technology to be in the hands of every engineering team. And we need you to do that. Join us!

Learn more at

Sonatype’s mission is to enable organizations to better manage their software supply chain. We offer a series of products and services including the Sonatype Nexus Repository and Sonatype Lifecycle.

***This position is 100% remote and candidates must currently live in Colombia.*

The Security Researcher will investigate and analyze vulnerabilities in open-source software.

Sonatype is looking for a passionate, driven and talented Security Researcher to provide high quality security data from researching software vulnerabilities. This high-quality security data ensures that our customers are getting maximum value out of our products making them feel like they are part of the Sonatype family. If you are a positive-thinker and problem-solver and believe that customer success and company success go hand-in-hand, this is a great job for you. This position will provide a valuable learning opportunity with great potential to grow your newly started career in cyber-security. Enjoy your job as you work in a fast-paced, flexible, and fun environment, with talented, diverse, and forward-thinking individuals.


  • Review, isolate, analyze, and reverse engineer vulnerabilities in open-source software.
  • Document attack capabilities.
  • Provide detection and remediation guidance.
  • Aid in ideas and prototypes for new tooling.
  • Collaborate with other team members toward shared product goals.
  • Improve Sonatype products by providing valuable security data.
  • Work with technology and business team members to define and refine requirements in an agile development environment

Required Qualifications:

  • Bachelor of Science Degree in Computer Science, Cybersecurity, Engineering, or related field; or at least 4 years of related work experience in lieu of a degree
  • 0 to 3 of years experience in software development or application security.
  • Basic knowledge of Java, C#, or JavaScript.
  • Basic Knowledge of application security such as the OWASP Top 10 or Sans 25.

Desired Qualifications:

  • 5+ years experience in software development or application security
  • Excellent oral and written communication skills.
  • Excellent organizational skills and detail oriented.
  • Ability to work independently and as part of a team

More about Sonatype

Perks and Benefits

Healthcare benefits


6 rounds
Unknown Sep 2018

Similar Jobs

ATLAS ANALYTICS company logo
Your Sales Team, Reimagined. Tailored & Customized Video Outreach Campaigns
Genius Sports company logo
Genius Sports
Innovative sports data technology
Miratech company logo
Miratech helps visionaries change the world
Appinio company logo
From questions to insights in minutes. Appinio provides real-time, mobile market research
Shepherd company logo
We're a headhunter agency for finding top overseas talent for your company
Shepherd company logo
We're a headhunter agency for finding top overseas talent for your company