Security Programmer Writer (Open Source)

31 Mar 2024

Vacancy expired!

At , we set you up for job success right from the start. Our precision recruiting process aligns the right fit for the right people. Our client is currently seeking a Security Programmer Writer (Open Source) to join their team for a remote position. The candidate will join the Security Lab and will contribute to the curation of our Advisory Database.

Scope of Activity and Responsibilities:

1. Conduct code reviews (must be able to read code; no actual coding required)
2. Analyze vulnerability reports to address the problems of vulnerability uniqueness, transparency and disclosure
3. Apply Open Source software experience to the role
4. Manage the content within the Advisory Database, what source data is ingested from the Database, and which standards are followed for the advisories in the ingested datasets. Vulnerability information shared in the database powers many open-source tools, including Dependabot and npm-audit.
5. Maintain the completeness and correctness of the data within the Advisory Database
6. Review, curate and publish security advisories, including their descriptions, affected product data, severity, and more using our curation tooling

Required Qualifications:

  • Proficient in one or more modern programming languages and their associated packaging ecosystems supported by the database, such as JavaScript / npm, Java / Maven, Python / PyPI, etc.
  • Strong understanding of common software vulnerabilities and knowledge of secure code principles, including common versioning schemes
  • Strong understanding of open-source software development and packaged software
  • Familiarity with Git and other version control software
  • Strong written and verbal communication skills and strong technical writing skills
Preferred Qualifications:
  • Minimum 3+ years of experience in the field of information security, system administration, or open-source software maintenance
  • Familiarity with vulnerability analysis, vulnerability trends, and using common vulnerability metrics (CVSS, CWE)
  • Familiarity with evaluating risk, impact, and severity of a vulnerability
  • Experience performing code reviews
  • Previous experience using open-source software and strong interest in open source security
  • Previous experience in the software security domain is a big plus, though other relevant experience will be considered as well
  • Must be self-motivated, as well as highly organized
  • Must have worked either within or with engineers in the security / product security space
Full COVID-19 vaccination may be required. We will consider for employment all qualified applicants, including those with criminal histories, arrest, and conviction records in a manner consistent with the requirements of applicable state and local laws. This includes the City of Los Angeles Fair Chance Initiative for Hiring Ordinance as well as the San Francisco Fair Chance Ordinance.

W2 only, no Corp to Corp. We are unable to sponsor H1B visas at this time.

Supports Equal Employment Opportunity , a division of CompuCom Systems, Inc., a global company headquartered in Bellevue, Washington, provides IT staffing services and solutions to Fortune 1000 companies as well as small and medium businesses. For more information, visit .

  • ID: #49594569
  • State: California San Francisco 94101 San Francisco USA
  • City: San Francisco
  • Salary: BASED ON EXPERIENCE
  • Job type: Contract
  • Showed: 2023-03-31
  • Deadline: 2023-05-29
  • Category: Security