Job description: Experienced software security expert
Software is getting more complex, the amount of criminal hackers is growing, and automatic tools for software engineers are just not good enough. Human software security experts are just irreplaceable, but have too much work. Our review environment makes you 2 times as effective in application security review (with a focus on code review), up to 10 times faster in certain tasks. Oh, and we also automate the mundane analysis tasks; we thought you might like that.
The Codean review environment is what makes us unique. This is for a security expert what an IDE is for software engineers. Funny enough, most application security experts use an IDE for software analysis, even though it's made for software development. Instead, the environment we are building is tailor made for security analysis: which features ranging from keeping track what is reviewed, to symbiotic taint analysis, to easy report composition.
You will be the third of our in-house elite team of security experts. You will work on projects ranging from old school Java web servers (or new using Kotlin) to state of the art Zero Knowledge Proof protocols build on a blockchain. And customers vary quite a lot as well: from impact startups to decentralized finance to HR platforms. During that work we found some public vulnerabilities that resulted in CVE’s, which fits our mission to make the digital world a safer place.
What we look for
We are looking for a software security analyst who shares our vision that a security analysis that leverages source code, enables you to find the most vulnerabilities. However, we do require (or train you with) a hacker mindset: because in projects you will also have access to a penetration testing environment to verify vulnerabilities.
And we look for someone who likes to try new tools. With your feedback, we will improve the Review Environment further with many large and small features. And as another business model supply the environment to thousands of other security analysts worldwide, to superpower all the ethical hackers out there.
We're on a great adventure. We are a team of 10 right now, but expect to grow to 25 people in 2 years, and who knows after that. Because we are working hard to become a tech leader in software security.
What we offer
Learning a lot: about building a startup, about software security, about worldwide expansion
Joining the adventure of building a worldwide tech leader in software security
Flexible hours: as long as you deliver, your working hours are flexible
Working remote first: you work from home or another location you prefer
3 times a year a two-day retreat on a great location to work and have fun (= hackathons!)
Salary 50-70K (including 8% holiday allowance) plus gear and stock option plan
Top-notch laptop and gear (screens, keyboard, headset, lights, microphone, etc)
Long-term involvement starting with a 7-month contract
3+ years experience in software security, including code review on multiple languages
Trained in software development (e.g. a BSc / MSc in computer science, but not needed)
Hacking skills and mindset (e.g. OSCP certified)
Fluent professional English (both verbal and written)
Soft skills: no need to give presentations, but strong communication (writing) skills is a big plus
How your personality fits our culture
Matching the Dutch culture of low-context in communication and direct in giving and receiving feedback
Open-minded for diversity (we have six nationalities and are diverse in personalities)
Experience working with / living in a European context; since a small team needs a mix of diversity and common cultural background.
Entrepreneurial spirit: a startup means that some things are not so well arranged, so you need to be flexible. You have a lot of freedom, and therefore responsibility
Sharing is caring: next to work we also about our private life, and we also share and care in being straightforward about our expectations and feedback
Living in (or close to) the Netherlands or willing to relocate for a minimum of 1-2 years
Be present at all physical meeting every month at an inspiring location in & around Utrecht, the Netherlands (in the future that will probably develop to every 2 months)
We are an IND recognized sponsor, if needed we can arrange your work permit.
If you’re interested, send your resume and a short motivation to [email protected]. If you’re not sure about the role or the match, or have questions? Send an email too!