Millions of Java developers and the world's top businesses trust Azul to power their applications. We are growing fast and need determined, innovative and energetic contributors who want to make an impact today!
At Azul, we emphasize empowerment, enablement, and collaboration designed to foster speed of decision-making and creative approaches to driving customer value. We are distributed across the world and offer the flexibility of working from home as well as the structure of an office environment that focuses on employee wellness and opportunities for professional growth.
Azul continues to grow and we are actively interviewing Java Software Engineers to work with us on developing Azul Intelligence Cloud.
This SaaS product connects millions of JVM runtimes, collects and aggregates detailed information from them, analyzes code use, detects vulnerabilities, and provides code inventory.
What you'll doThe Security Researcher will understand a wide variety of security vulnerabilities, across various environments and data sources, figure out which libraries are related to each of the reported vulnerabilities, and will be able to integrate findings into actionable data artifacts as part of the Knowledge Base team.The researcher will act across various domains, capable of understanding and building data flows, automation, and processes aimed at continuous improvement of our proprietary knowledge base.We expect you to lead professional discussions about the architecture and technological future of our product and its newly designed functionalities. Working as a team is important for us, and your opinion matters!We are looking for a person whoHas 5+ years of working experience in the information security or development ops industry.Has experience with data pipelines and data mining.Has positive energy and enjoys communication with others.Holds a BS/MS degree in Computer Science, Engineering, Mathematics, or a related field or equivalent experience.Is able to collaborate with and motivate multiple groups toward accomplishing a task.Familiar with modern SDLC practices, cloud-based architecture, and deployment patterns including technologies such as git, CI/CD pipelines (GitHub, GitLab), Docker, Kubernetes, AWS, Azure, etc.Proficiency in using security research tools and databases (e.g., NVD, MITRE, CVE Details).Familiarity with the world of Java vulnerabilities is a plus.Some programming knowledge is a great plus.Relevant certifications such as CISSP, CEH, or OSCP are a plus.Key responsibilitiesBe responsible for vulnerability and component data quality.Provide input and guidance on data flows, automation, development, and functional requirements for knowledge mining. Create a data verification flow for components and vulnerabilities.Triage and correlate CPEs, CVEs, and other common security defects.Integrate security findings from various areas into data artifacts.Regularly audit and review database entries to ensure ongoing relevance and correctness.Investigate, understand, and contextualize a wide array of vulnerabilities and be able to explain them at a technical depth appropriate to the audience.Work with different resources, repositories like Maven, GitHub, and analyze data knowledge sources like Snyk, VulDB, OSV, CVEDetails, etc.Assess the severity and potential impact of newly discovered vulnerabilities. Define the SLA for processes on different levels.What we offerComprehensive compensation and healthcare packages.Equity Program – be part of our success.Referral Program.Work-life balance, remote-first, paid time off, company shutdown, holidays.Work with top experts worldwide who contribute to the Java ecosystem.
#J-18808-Ljbffr
