Vulnerability Analyst
Remote
Posted on 3/9/2023
INACTIVE
TheoremOne

51-200 employees

Custom enterprise software & consulting platform
Company Overview
TheoremOne is on a mission to dismantle the traditional consulting ecosystem and replace it with an effective framework for innovation that transforms the way businesses think about and solve problems from the inside out. The company advises clients on product strategy, engineering, design, and culture, then partners with them to build and launch technology-driven solutions to their most complex problems.
Consulting

Company Stage

N/A

Total Funding

N/A

Founded

2007

Headquarters

Los Angeles, California

Growth & Insights
Headcount

6 month growth

-39%

1 year growth

-48%

2 year growth

-43%
Locations
United States
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Python
JavaScript
Git
Java
Maven
CategoriesNew
Software Engineering
Requirements
  • You are passionate about helping your audience through great documentation regardless of experience level
  • You are self motivated, highly organized, and seeking a high performance culture
  • Your decisions are quick, calculated, and based in fact or backed by research
  • You enjoy organizing and searching for information
  • You enjoy connecting and working with online communities
  • You have the confidence to respond to a problem with "I don't know, but I will find out!" and the knowledge and research mindset to learn
  • You have worked either within or with engineers in the security/product security space
  • Strong written and verbal communication skills in English and strong technical writing skills
  • Strong understanding of common software vulnerabilities and knowledge of secure code principles, including common versioning schemes
  • Strong understanding of open-source software development and packaged software
  • Familiarity with git and other version control software
  • Experience in the field of information security, system administration, or open-source software maintenance
  • Proficiency in one or more modern programming languages and their associated packaging ecosystems, such as JavaScript/npm, Java/Maven, Python/PyPI, .NET/nuget
  • Experience working with online communities
  • Be able to provide a technical writing sample with your application. If possible the sample should be about code vulnerabilities and address the documented code base
  • New product development
  • Pure R & D
  • Legacy modernization
  • Revenue generation
  • Process optimization
  • Organizational transformation
Responsibilities
  • Ensure the completeness and correctness of the advisory data within the GitHub security existing database
  • Review, fully document, curate and publish security advisories, including their descriptions, affected product data, severity, and more using their curation tooling
  • Work as part of a remote and geographically diverse team
Desired Qualifications
  • Familiarity with vulnerability analysis, vulnerability trends, and using common vulnerability metrics (CVSS, CWE)
  • Familiarity with evaluating the risk, impact, and severity of a vulnerability
  • Experience performing code reviews
  • Previous experience using open-source software and a strong interest in open-source security
  • Previous experience in the software security domain is a big plus, though other relevant experience will be considered as well
  • Ability to work in a team, empathy for others when they need help, and accountability when they rely on you