Senior Security Researcher
Low-code/no-code (LCNC) platforms are placing more power than ever in the hands of business professionals, allowing them to address their own needs rather than wait for IT. Unfortunately, it also opens the door for hackers and costly mistakes. Zenity is the first security platform to help organizations adopt low-code/no-code development without compromising security governance, pioneering this brand new area of security.
About the job:
We are seeking an experienced Senior Security Researcher to join our Research department, focusing on low-code and no-code platforms. The ideal candidate should have a minimum of 5 years of relevant experience and a strong background in conducting research, identifying vulnerabilities, and performing in-depth analysis of web and API security within cloud environments. This role offers a unique opportunity to contribute to the security of emerging technologies that are transforming the software development landscape.
- Conduct thorough research to identify security weaknesses and vulnerabilities within low-code/ no-code platforms;
- Perform in-depth analysis of web and API security, identifying potential threats and developing mitigation strategies;
- Collaborate with cross-company teams to proactively address security concerns during the development lifecycle;
- Stay up-to-date with the latest industry trends, security threats, and advancements in low-code and no-code technologies;
- Develop proof-of-concept exploits, provide recommendations for remediation to affected vendors, and create detections in the Zenity platform;
- Contribute to the development of security guidelines, best practices, and standards tailored for low-code and no-code platforms;
- Collaborate with external security researchers and organizations to enhance the overall security posture of the low-code/no-code landscape;
- Perform publishable research and share it via blog posts, conference talks and meet-ups.
- Relevant professional and/or academic education:
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field;
- Relevant military courses;
- Other relevant formal training
- Minimum of 5 years of experience in the field of security research, with at least 3 of them with focus on cloud, web and/or API security
- Experience working with cloud environments and understanding of cloud security best practices.
- Strong knowledge of security principles, protocols, and best practices.
- Excellent problem-solving skills and ability to think creatively
- Self-driven and able to work independently, with a proactive attitude towards continuous learning and self-study (others will need to corroborate this 🙂)
- Effective communication skills to articulate complex security issues to technical and non-technical stakeholders