Checkmarx is the enterprise application security leader and the host of Checkmarx One™ — the industry -leading cloud-native AppSec platform that helps enterprises build #DevSecTrust.
Description
Who are we?
Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders.
We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies including Siemens, Airbus, SalesForce, Stellantis, Adidas, Wal-Mart and Sanofi.
Requirements
What are we looking for?
Checkmarx, a leader in the application security testing market, actively seeks talented application security engineers (AppSec Eng.) to support Checkmarx Global Services and our customers. The perfect candidate has a robust background in software development and application security.
How will you make an impact?
- Support some of our strategic/top-tier customers in conducting security-focused code reviews using the Checkmarx Platform.
- Support customer's AppSec and Dev Teams with mitigation advice for identified vulnerabilities.
- Create a proof of concept based on identified vector attacks.
Daily and monthly responsibilities:
- Conduct security-focused static code analysis on top of a broad range of development languages and open-source libraries.
- Support customer AppSec/Dev teams with mitigation strategies/advice for identified vulnerabilities.
- When required, create proofs of concept that can illustrate a given vulnerability's exploitability.
- When needed, support AppSec/Dev teams in analyzing applications.
What You’ll Need:
- Bachelor's degree in computer science or another highly technical scientific discipline.
- Knowledge in development using one or more high-level programming languages like Java..NET, JavaScript, Go, Python, etc.
- Understanding security-focused code review covering some market standards and AppSec Frameworks like OWASP Web/API/Mobile Top 10, PCI- DSS, etc.
- A proactive approach to spotting problems, areas for improvement, and performance bottlenecks.
- Strong technical aptitude - being able to pick up technical concepts rapidly is required.
- Highly motivated self-starter.
- Fluent in English (++ for other languages).
What we have to offer