Offer summary

Qualifications:

Bachelor's degree in computer science or a related field., Knowledge of programming languages such as Java, .NET, JavaScript, Go, or Python., Understanding of security-focused code review standards like OWASP Top 10 and PCI-DSS., Strong technical aptitude and proactive problem-solving skills..

Key responsibilities:

Conduct security-focused static code analysis across various programming languages.

Support customer development and security teams with vulnerability mitigation advice.

Create proofs of concept to demonstrate exploitability of vulnerabilities.

Assist in analyzing applications and providing security recommendations.

Job description

Description

Who are we?

Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders.

We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies including Siemens, Airbus, SalesForce, Stellantis, Adidas, Wal-Mart and Sanofi.

Requirements

What are we looking for?

Checkmarx, a leader in the application security testing market, actively seeks talented application security engineers (AppSec Eng.) to support Checkmarx Global Services and our customers. The perfect candidate has a robust background in software development and application security.

How will you make an impact?

Support some of our strategic/top-tier customers in conducting security-focused code reviews using the Checkmarx Platform.
Support customer's AppSec and Dev Teams with mitigation advice for identified vulnerabilities.
Create a proof of concept based on identified vector attacks.

Daily and monthly responsibilities:

Conduct security-focused static code analysis on top of a broad range of development languages and open-source libraries.
Support customer AppSec/Dev teams with mitigation strategies/advice for identified vulnerabilities.
When required, create proofs of concept that can illustrate a given vulnerability's exploitability.
When needed, support AppSec/Dev teams in analyzing applications.

What You’ll Need:

Bachelor's degree in computer science or another highly technical scientific discipline.
Knowledge in development using one or more high-level programming languages like Java..NET, JavaScript, Go, Python, etc.
Understanding security-focused code review covering some market standards and AppSec Frameworks like OWASP Web/API/Mobile Top 10, PCI- DSS, etc.
A proactive approach to spotting problems, areas for improvement, and performance bottlenecks.
Strong technical aptitude - being able to pick up technical concepts rapidly is required.
Highly motivated self-starter.
Fluent in English (++ for other languages).

Required profile