Talent.com
Vulnerability Researcher (fmd)
Vulnerability Researcher (fmd)Sonar • Bochum, North Rhine-Westphalia, Germany
Vulnerability Researcher (fmd)

Vulnerability Researcher (fmd)

Sonar • Bochum, North Rhine-Westphalia, Germany
Vor 10 Tagen
Stellenbeschreibung

Who is Sonar

Sonar helps prevent code quality and code security issues from reaching production amplifies developers productivity in concert with AI assistants and improves the developer experience with streamlined workflows. Sonar analyzes all code regardless of who writes it your internal team genAI or third parties resulting in more secure reliable and maintainable applications. Rooted in the open source community Sonars solutions support over 30 programming languages frameworks and infrastructure technologies. Today Sonar is trusted by 7M developers worldwide including teams at the DoD Microsoft NASA MasterCard Siemens and T-Mobile.

We believe in developing great products that are supported by great internal teams and a strong culture. We are highly committed to and obsessed with the company users each other and our open source community. We have high standards and hold each other accountable for acting with positivity dedication thoughtfulness empathy and passion daily.

We are deliberate with our decisions with high clarity of intention. At the same time we feel extreme urgency and move forward quickly.

And lastly we are highly effective and operationally efficient . We operate collectively as One Team to accomplish our goals.

At Sonar CODE is more than just an acronym its a mindset that defines daily operations.

Why You Should Apply :

At Sonar were a group of brilliant motivated and driven professionals working hard to help supercharge developers to build better faster. Sonar helps to continuously improve code quality and code security while reducing developer toil. This means that developers can focus on doing more of what they love and less of what they dont. Our solutions dont just solve symptoms of problems we help fix issues at the source for all code whether its developer-written AI-generated or from third parties.

We have a dynamic culture with employees worldwide and hub offices in the USA Switzerland the UK Singapore and Germany. Team members should be able to come to work every day work on a product they are proud of love what they do and feel energized by their peers. With our roots deep in the open source community were all about the mission : supercharge developers to build better faster.

The Impact You Will Have :

SonarSource is looking for a passionate Vulnerability Researcher who loves discovering 0-day vulnerabilities in open-source code and helping to push our code analysis technology to the next level. You will be part of the Code Security Department and play a central role in realizing our ambition to provide the best code analysis solution on the market. By sharing your security research and findings with a world-wide community you establish a reference of trust for code security and help developers to write secure code.

What You Will Do Daily :

  • Have fun and learn with world-class security enthusiasts that share your passion and interest for web security
  • Uncover discuss exploit and report critical and complex vulnerabilities in popular open source web applications (see new and existing vulnerability types as well as exploitation techniques
  • Automate the detection of vulnerabilities in well-known applications by using our best-in-class code analysis technology
  • Share your research and findings with the world-wide community by writing blog posts or presenting at international conferences

The Experience You Will Need :

  • You have 3 years of experience in reviewing source code for critical security vulnerabilities (CTFs do count ;)
  • You have a deep understanding of major security vulnerability types how to spot these in source code and how to exploit them with different techniques
  • You have solid programming skills in at least one of the following languages : Java C# Python or JavaScript
  • You are passionate creative and persistent when auditing new source code and you can think outside the box
  • You care about professional and responsible disclosure of security vulnerabilities to the affected vendor
  • You are fluent in English both written and spoken and are able to explain complex security concepts in a structured and understandable way

    • Why You Will Love It Here :

  • Our culture and mission set us apart. We have a dynamic work culture that values respect and kindness and embraces the right to fail (and get right back up again!).
  • Great people make a great company. We value people skills as much as technical skills and strive to keep things friendly while still being passionate leaders in our domains.
  • We have a flexible work policy that includes 3 days in-office and 2 days work-from-home each week for those located near our office locations; some locations such as Dubai India Japan and Australia operate fully remotely.
  • We have a growth mindset. We love learning and believe continuous education is critical to our an ever-changing industry new skills are necessary and were happy to help our team acquire them.
  • As the leader in our field our products and services are as strong as our internal team members.
  • We embrace transparency with regular meetings cascading messages and updates on the growth and success of our organization.

    • Benefits of Working with Sonar :

  • Pension Scheme : 1st Pillar (Unterstützungskasse) : Automatic financed by Sonar 3% of gross salary an additional benefit in addition to your salary.
  • Pension Scheme : 2nd Pillar (bAV) : Voluntary 15% contribution by Sonar from social security savings.
  • We encourage usage of our robust time-off allocations with 28 PTO days for our employees based out of the Geneva region plus additional days based on seniority and circumstances.
  • Sonar recognizes holidays on working calendar days. If the holiday date occurs on a Saturday we will recognize the day on the preceding Friday. If the holiday date occurs on a Sunday we will recognize the day on the following Monday.
  • Public transport reimbursement of 60% for annual subscription.
  • Global workforce with employees in 20 countries representing 35 unique nationalities.
  • We have an annual kick-off somewhere in the world where we meet to build relationships and goals for the company.

    • We Value Diversity Equity and Inclusion :

    At Sonar we believe that our diversity is our strength. We are a global company that values and respects different backgrounds perspectives and cultures.

    We are committed to fostering a diverse and inclusive work environment where everyone feels valued and empowered to contribute their best. We are proud to be an equal opportunity employer and welcome all qualified applicants regardless of race color religion gender gender identity or expression sexual orientation national origin genetics disability age or veteran status.

    All offers of employment at Sonar are contingent upon the precise results of a comprehensive background check and reference verification conducted before the start date.

    We do not currently support visa candidates in the US.

    Applications that are submitted through agencies or third party recruiters will not be considered.

    We may use artificial intelligence (AI) tools to support parts of the hiring process such as reviewing applications analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed please contact us.

    Required Experience :

    IC

    Key Skills

    Intelligence Community Experience,Python,Spss,Microsoft Word,R,Regression Analysis,Windows,Stata,Microsoft Powerpoint,Research Experience,Data Modeling,Writing Skills

    Employment Type : Full-Time

    Experience : years

    Vacancy : 1

    Jobalert für diese Suche erstellen

    Vulnerability Researcher fmd • Bochum, North Rhine-Westphalia, Germany

    Ähnliche Stellen
    Security Engineer (m / w / d)

    Security Engineer (m / w / d)

    think about IT GmbH • Bochum, North Rhine-Westphalia, Germany
    Quick Apply
    Wir suchen Dich zum nächstmöglichen Zeitpunkt als Teammitglied für unseren Standort.Werde Teil der thinkGROUP und unterstütze uns als. Planung, Umsetzung und Weiterentwicklung von Sicherheitskonzept...Mehr anzeigen
    Zuletzt aktualisiert: vor über 30 Tagen
    Senior DevOps Engineer (m / f / d)

    Senior DevOps Engineer (m / f / d)

    Alphawave Group • Hagen, Germany
    Experience : 5+ years in Software Engineering, with at least 3 years focused on DevOps, Release Engineering, or Infrastructure. Architectural Mindset : Proven track record of designing and implementin...Mehr anzeigen
    Zuletzt aktualisiert: vor 28 Tagen • Gesponsert
    IT-Security Identity Expert (m / w / d) in Vollzeit oder Teilzeit [R-103700]

    IT-Security Identity Expert (m / w / d) in Vollzeit oder Teilzeit [R-103700]

    Techem Solutions GmbH • Dortmund, DE
    Über uns Hast Du, was es braucht, um die Zukunft neu zu denken? Du gibst Dich nicht mit der erstbesten, sondern nur mit der bestmöglichen Lösung für nachhaltigen Ressourcengebrauch zufrieden? Dann ...Mehr anzeigen
    Zuletzt aktualisiert: vor 13 Tagen • Gesponsert
    Cyber Security Engineer - Embedded Systems (m / w / d)

    Cyber Security Engineer - Embedded Systems (m / w / d)

    GRIMME Landmaschinenfabrik SE & Co. KG • Dortmund, DE
    Über uns Über unsDas Familienunternehmen GRIMME ist seit 1861 im Dienste der Landwirtschaft tätig und steht für führende Technologien in der Kartoffel-, Rüben- und Gemüsetechnik.Mitarbeiter tragen ...Mehr anzeigen
    Zuletzt aktualisiert: vor 21 Tagen • Gesponsert
    Ingenieur für den Explosionsschutz - Schwerpunkt Audits (m / w / d)

    Ingenieur für den Explosionsschutz - Schwerpunkt Audits (m / w / d)

    Sonstige Dienstleistungen Karriere • Bochum, Germany
    Ingenieur für den Explosionsschutz - Schwerpunkt Audits (m / w / d).Vollzeit | DEKRA Testing and Certification GmbH | Job ID : 2726. Verstärken Sie unser Team zum nächstmöglichen Zeitpunkt als Auditor (m...Mehr anzeigen
    Zuletzt aktualisiert: vor 14 Tagen • Gesponsert
    AI Engineer (f / m / x) - Dortmund

    AI Engineer (f / m / x) - Dortmund

    NETCONOMY • Bochum, Germany
    Applied AI or Machine Learning in the industry.Proficiency in building Generative AI and Agentic applications at scale, with expertise in using agentic frameworks, vector databases, grounding, and ...Mehr anzeigen
    Zuletzt aktualisiert: vor 20 Tagen • Gesponsert
    Ingenieur für den Explosionsschutz - Schwerpunkt Audits (m / w / d)

    Ingenieur für den Explosionsschutz - Schwerpunkt Audits (m / w / d)

    DEKRA Testing and Certification GmbH • Bochum
    Ingenieur für den Explosionsschutz - Schwerpunkt Audits (m / w / d).Vollzeit | DEKRA Testing and Certification GmbH | Job ID : 2726. Verstärken Sie unser Team zum nächstmöglichen Zeitpunkt als Auditor (m...Mehr anzeigen
    Zuletzt aktualisiert: vor 14 Tagen • Gesponsert
    Compliance & Data Protection (Senior) Specialist (f / m / d) – Digital Mobility Services (m / w / d)

    Compliance & Data Protection (Senior) Specialist (f / m / d) – Digital Mobility Services (m / w / d)

    Kia Connect GmbH • Dortmund, DE
    Über uns About usDigitale Mobilitäts- und Connectivity-ServicesFrankfurt am Main | Hybrid | Vollzeit | UnbefristetKia Connect ist die digitale Services- und Connectivity-Einheit von Kia in Europa.W...Mehr anzeigen
    Zuletzt aktualisiert: vor 21 Tagen • Gesponsert
    GTM Specialist

    GTM Specialist

    Hypergen LLC • Beograd, 00, RS
    If you’re excited by smart targeting, A / B testing, and building email campaigns that actually get replies, this might be your moment. Join us at Hypergen and do all that (and more) with a team that ...Mehr anzeigen
    Zuletzt aktualisiert: vor über 30 Tagen
    Monitoring & Observability Consultant (m / w / d)

    Monitoring & Observability Consultant (m / w / d)

    EON Grid Solutions GmbH • Dortmund, Nordrhein-Westfalen, DE
    Kundeninteraktion & Beratung : .Beratung bei der Gestaltung, Implementierung und Optimierung von Monitoring- und Observability-Lösungen mit Hilfe von New Relic und Uptrends.Du stellst sicher, das...Mehr anzeigen
    Zuletzt aktualisiert: vor 11 Tagen • Gesponsert
    Expert Security Operations Lead (m / w / d)

    Expert Security Operations Lead (m / w / d)

    Amprion GmbH • Dortmund
    Unser Übertragungsnetz transportiert Strom für 29 Millionen Menschen in einem Gebiet von der Nordsee bis zu den Alpen.Dort wird ein Drittel der deutschen Wirtschaftsleistung erzeugt.Unsere Leitunge...Mehr anzeigen
    Zuletzt aktualisiert: vor 2 Tagen • Gesponsert
    Senior Expert Systemspezialist im Bereich militärischer Hubschrauber (Betriebsführung NH90) (w / m / d)

    Senior Expert Systemspezialist im Bereich militärischer Hubschrauber (Betriebsführung NH90) (w / m / d)

    Hensoldt • Dortmund, DE
    Als Systemintegrator bietet HENSOLDT plattformunabhängige, vernetzte Komplettlösungen an.HENSOLDT einen Umsatz von 1,85 Milliarden Euro. Nach der Übernahme der ESG GmbH beschäftigt das Unternehmen c...Mehr anzeigen
    Zuletzt aktualisiert: vor 24 Tagen • Gesponsert
    Cluster Security Manager, DC Security (m / w / d) - A100 ROW GmbH

    Cluster Security Manager, DC Security (m / w / d) - A100 ROW GmbH

    A100 ROW GmbH • Dortmund, DE
    Über uns Amazon Web Services (AWS) is looking to hire a highly motivated, best-in-class Cluster Security Manager to manage the physical security at our data centers. Job responsibilitiesYou will be ...Mehr anzeigen
    Zuletzt aktualisiert: vor 14 Tagen • Gesponsert
    Solutions Engineer | Berlin | €90k (m / w / d) - Optimus Search

    Solutions Engineer | Berlin | €90k (m / w / d) - Optimus Search

    Optimus Search • Dortmund, DE
    Über uns About usIn this role, you'll have the unique opportunity to drive innovation across diverse industries, build strong client relationships, and guide projects from concept to execution.If y...Mehr anzeigen
    Zuletzt aktualisiert: vor 2 Tagen • Gesponsert
    SOC Detection Engineer (m / w / d)

    SOC Detection Engineer (m / w / d)

    SIGNAL IDUNA Gruppe • Hamburg, Dortmund
    Wir verändern die Versicherungswelt – und suchen dich, um die Zukunft mitzugestalten.Als einer der größten deutschen Versicherer und Finanzdienstleister mit Hauptsitz in Hamburg und Dortmund haben ...Mehr anzeigen
    Zuletzt aktualisiert: vor 5 Tagen • Gesponsert
    Supplier Quality Engineer (m / w / d) am Standort Göttingen

    Supplier Quality Engineer (m / w / d) am Standort Göttingen

    Excelitas Deutschland GmbH • Dortmund, DE
    Über uns ENABLE - Gestalte die Zukunft durch Licht.Mitarbeitern, das sich darauf konzentriert, marktorientierte Lösungen für die OEMS und Endanwender in den Bereichen Sensorik, Detektion, Bildgebun...Mehr anzeigen
    Zuletzt aktualisiert: vor 7 Tagen • Gesponsert
    Systems Engineer, Managed Operations ESC Berlin (m / w / d) - AWS European Sovereign Cloud Development Center GmbH

    Systems Engineer, Managed Operations ESC Berlin (m / w / d) - AWS European Sovereign Cloud Development Center GmbH

    AWS European Sovereign Cloud Development Center GmbH • Dortmund, DE
    Über uns AWS is set to introduce the inaugural European Sovereign Cloud (ESC), marking a significant development in Utility Computing (UC). To spearhead this initiative, we are actively seeking expe...Mehr anzeigen
    Zuletzt aktualisiert: vor 14 Tagen • Gesponsert
    SOC Detection Engineer (m / w / d)

    SOC Detection Engineer (m / w / d)

    Jobijoba • Dortmund, Dortmund (Kreis), Nordrhein-Westfalen
    SOC Detection Engineer (m / w / d) Das sind wir Wir verändern die Versicherungswelt – und suchen dich, um die Zukunft mitzugestalten. Als einer der größten deutschen Versicherer und Finanzdienstleister ...Mehr anzeigen
    Zuletzt aktualisiert: vor 2 Tagen • Gesponsert