Vulnerability Data Manager
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Every day the world gets more digital thanks to tens of millions of developers building the future faster than ever. But with exponential growth comes exponential risk as outnumbered security teams struggle to secure mountains of code. This is where Snyk (pronounced sneak) comes in. Snyk is a developer security platform that makes it easy for development teams to find prioritize and fix security vulnerabilities in code dependencies containers and cloud infrastructure and do it all right from the start. Snyk is on a mission to make the world a more secure place by empowering developers to develop fast and stay secure.
Joining Snyk means embracing our core values: One Team Care Deeply Customer Centric and Forward Thinking. As a member of our team youll have the opportunity to thrive in a dynamic environment where fostering collaboration leading with empathy driving business impact and inspiring trust are at the heart of everything we do.
Our Opportunity:
We are looking for an experienced analytical and collaborative Open Source Vulnerability Data Manager to join our team and help us build the best DB of open source and container vulnerabilities out there.
In modern software development much of any projects code relies on open source packages. These packages often distributed in Linux containers are visible for anyone and have vulnerabilities lurking in their code. As part of our Open Source group youll join us on our mission to continually improve our ability to find these open source and container vulnerabilities in a programmatic way. Every day new vulnerabilities and updates are published that require processing and triage in order to be added to the Snyk Vulnerability DB.
Your role will be to take charge of a team of security analysts who carry out this work. Youll lead the effort of populating our DB monitoring our workflows and shaping our processes to make sure we continue to have the most accurate timely innovative and informative open source and container vulnerability DB in the market.
Youll spend your time:
- Leading a dedicated team of security analysts that are responsible for the content and maintenance of our vulnerability DB.
- Establishing metrics and improvement targets for data quality depth and timeliness of delivery then tracking and driving toward those targets.
- Setting high quality standards ensuring the accuracy and consistency of our DB.
- Exploring new sources of security intelligence from open source repositories Linux distributions and AIbased services for integration into our data.
- Supervising our industrysupporting participation as a verifier and facilitator of responsible vulnerability disclosures from 3rd parties and inhouse researchers.
- Establishing the new abilities we need to develop to further our mission.
- Triaging and analyzing potential vulnerabilities discovered in open source dependencies.
- Using research to verify or disqualify potential vulnerabilities.
- Using data analysis techniques to answer research questions about vulnerabilities and general threat intelligence trends.
- Directing machine learning models to find where vulnerabilities are most likely to exist using our unique database of verified vulnerabilities information about how the open source community operates and the static code itself.
- Collaborating closely with product managers to develop security intelligence data products to serve the needs of the Snyk platform.
- Working with users and Support staff to diagnose prioritize and address the needs of existing or prospective users.
- Guiding team members in developing specialized skills such as vulnerability analysis exploit reproduction data analysis and responsible disclosure.
You should apply if:
- You have proven experience leading security operations or security R&D.
- Youve led projects that depend on coordination between multiple teams.
- Youre comfortable working with large datasets (we mainly use PostgreSQL Snowflake and Kafka).
- You have a passion for security and a solid background solving the problems that arise in the space.
- You have experience using statistical tools to help answer research questions.
- You love to automate your work by writing your own scripts (we use Python JavaScript and Go).
- You love learning new techniques and getting experience in new fields.
Wed especially love to hear from you if:
- You have worked with researchers before ideally in the security space or have conducted security research yourself.
- You have experience PoCing vulnerabilities and dealing with vulnerability disclosures.
- You have worked closely with data scientists in the past and have experience working with ML.
#LITF1
We care deeply about the warm inclusive environment weve created and we value diversity we welcome applications from those typically underrepresented in tech. If you like the sound of this role but are not totally sure whether youre the right person do apply anyway!
About Snyk
Snyk is committed to creating an inclusive and engaging environment where our employees can thrive as we rally behind our common mission to make the digital world a safer place. From Snyk employee resource groups to global benefits that help our employees prioritize their health wellness financial security and a work/life blend we aim to support our employees along their entire journeys here at Snyk.
Benefits & Programs
Prioritize health wellness financial security and life balance with programs tailored to your location and role.
- Flexible working hours workfrom home allowances inoffice perks and time off for learning and self development
- Generous vacation and wellness time off countryspecific holidays and 100 paid parental leave for all caregivers
- Health benefits employee assistance plans and annual wellness allowance
- Countryspecific life insurance disability benefits and retirement/pension programs plus mobile phone and education allowances
Required Experience:
Manager
Employment Type
Full Time
