Security Researcher

What we do at Detectify

Detectify was born from the simple idea that the Internet is broken. Our founders are among the best ethical hackers in the world. They have found critical vulnerabilities at tech giants like Google, Facebook, and Dropbox and used their hacker knowledge to build an advanced web application security scanner that is used by companies such as Spotify, Trello, and KING.

We also collaborate with a global network of handpicked white-hat hackers, who continuously provide us with valuable security research. Our crowd-based security program allows us to bring in the best independent security researchers in the world and automate their findings into our tool.

The Crowdsource team

Our team is growing and we are looking for another Security Researcher to the Crowdsource team. This team is currently composed of four people that work hard in order to make sure that the members of Detectify Crowdsource - our network of white-hat hackers - are engaged and enjoying the best possible experience when collaborating with Detectify.

When a researcher submits a vulnerability through our platform, our team builds a module for it and adds it into the Detectify service. By reporting the vulnerability to us, it becomes a security test which is then made available to all our customers – this is how Detectify combines automation and crowdsourcing.

What you will get to do

As a Security Researcher, your main responsibility will be to validate and implement proof of concepts, uploaded by our Crowdsource and internal researchers, into our scanner. You will also be involved in identifying improvement areas in the development process, with the final aim of enabling significant scaling of Crowdsource.

Other responsibilities include:

• Communicate with our security researchers in order to gather all necessary information to understand the submitted vulnerabilities
• Develop modules from vulnerability reports using C# and a JSON-based DSL
• Perform code reviews to ensure accuracy and reduce false positives
• Consistently review behavior of implemented modules to identify false positives or negatives.
• Work with continuous automation of module development.
• Develop proof-of-concept code for new scanner features.

Who you are

You are looking for an opportunity to impact and shape the future of a growing organisation. You are obsessed with tinkering and iterating to developing your programming further with a security-first approach. You are a highly versatile and self-motivated individual who can create and drive change.

You are involved with the security community and understand how vulnerabilities work. Overall, internet security is an interest of yours and you want to engage with an international network of security researchers.

We would expect you to have some years of experience writing code in an object and component-oriented programming discipline - most preferably with C#.

So, what do you think?

We welcome people from all backgrounds who seek the opportunity to help build a more secure internet. If you have the curiosity, passion, and collaborative spirit, work with us, and let’s do this together. It will be fun!