As an Application Security Researcher, you will conduct various types of penetration testing on monday.com’s platform, oversee the bug bounty program, and guide developers on security best practices. You will also monitor and report on security threats and automate security detection processes.
monday.com is looking for an application security researcher to research our platform for vulnerabilities, manage our bug bounty program, and work with R&D to enhance the security of our platform. The Application Security Team is based in our headquarters, Tel Aviv, Israel - you’ll be the first to join the team from London.
monday.com works hybrid with 3 days in the London office.
About The Role:
- Perform black, gray, and white box penetration testing on monday.com’s platform - both frontend and backend.
- Manage the bug bounty program, including hacker engagement and communication with the hacker community.
- End-to-end work on reported vulnerabilities as part of the bug bounty program.
- Provide guidance on security best practices to developers.
- Embed/improve security threat modeling and secure coding in the development lifecycle.
- Develop security abuse cases for testing as part of the software development lifecycle.
- Perform and oversee security testing and manage remediation of identified vulnerabilities.
- Monitor and proactively report on current threats and vulnerabilities to application security.
- Initiate and automate processes for detecting and monitoring the platform security.
Social Title:
Application Security Researcher
Requirements
- Scripting capabilities and automation mindset.
- At least 2 years of experience in web penetration-testing.
- In-depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.
- Experience working with the hacker/pen-testing community.
- Team player able to and build relationships across the organization, also remotely.
- Understanding of secure web application development.
- Comprehensive knowledge of IT and information security subject matter.
- Exposure to methods of promoting security awareness.
- Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships.
- Anticipates problems and identifies long-term implications of decisions and actions.
- Ability to work and learn alone.
- Able to prioritize workload and drive work to set deadlines.
Similar Jobs at monday.com
Productivity • Software
As an Application Security Researcher at monday.com, you will conduct penetration testing, manage the bug bounty program, and collaborate with R&D teams to enhance security practices. Your role entails guiding developers, overseeing vulnerability management, and improving security processes in the software development lifecycle.
Top Skills:
Owasp FrameworkWeb Penetration Testing
Productivity • Software
Provide application security services, including secure coding techniques, security testing support, and guidance for software development projects. Oversee vulnerability management, collaborate with teams on security best practices, and improve security processes within the software development lifecycle.
Top Skills:
Owasp
Productivity • Software
As an Application Security Researcher at monday.com, you will conduct penetration testing, manage the bug bounty program, and collaborate with R&D teams to enhance security practices. Your role entails guiding developers, overseeing vulnerability management, and improving security processes in the software development lifecycle.
Top Skills:
Owasp FrameworkWeb Penetration Testing
What you need to know about the Edinburgh Tech Scene
From traditional pubs and centuries-old universities to sleek shopping malls and glass-paneled office buildings, Edinburgh's architecture reflects its unique blend of history and modernity. But the fusion of past and future isn't just visible in its buildings; it's also shaping the city's economy. Named the United Kingdom's leading technology ecosystem outside of London, Edinburgh plays host to major global companies like Apple and Adobe, as well as a growing number of innovative startups in fields like cybersecurity, finance and healthcare.
