Vulnerability Analyst

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

We are seeking a dedicated and driven Vulnerability Analyst to join our team. A Vulnerability Analyst is responsible for performing security analysis of open-source projects, facilitating the delivery of accurate and actionable security information. The successful candidate would be expected to engage with senior team members, assist with security research efforts and report to the Security Research Team Leads. This position will be based out of our Belfast, Northern Ireland office. Additionally, other duties may include, but is not limited to, quality review of vulnerability reports, development of internal tools and contributing ideas and improvements across our processes.

As a Vulnerability Analyst, your primary responsibilities are:

• Performing security research activities on both public and undisclosed vulnerabilities
• Performing vulnerability analysis and developing clear and accurate vulnerability reporting
• Engaging with senior security researchers

Job Requirements:

• Degree in Cyber Security, Computer Science / related field or proven willingness to learn
• Excellent written and verbal communication skills
• Versatile and capable of working in a fast-paced agile environment
• Demonstrates initiative
• Excellent team collaboration
• Strong commitment to customers
• Understands the importance of strong processes and structured documentation
• Demonstrates strong problem-solving abilities and can work independently
• Familiarity with version control and source control systems (e.g., Git)

Skills & Experience:

• Awareness of Open Source, OWASP, networking concepts
• Understanding of various operating systems and common applications
• Understanding of software security and vulnerability management
• Understanding of various vulnerability types and mitigations
• Scripting experience (Python /Perl/Java/Ruby etc)
• Understanding of AI concepts, including machine learning, deep learning and natural language processing

Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.