Qualifications:

  • Previous experience and exposure to open source software
  • Familiarity with one or more major open source ecosystems such as npm, Python, Java, etc.
  • Strong interest in open source security
  • Strong understanding of common software vulnerabilities (OWASP Top 10 for example) and knowledge of secure code principles
  • Strong written and verbal communication skills in English and strong technical writing skills
  • Previous experience in the software security domain is a big plus, though other relevant experience will be considered as well
  • Ability to work in a team, empathy for others when they need help, accountability when they rely on you

What You’ll Do:

  • Add advisories to GitHub Advisory Database using our curation tooling
  • Review CVE requests to ensure they conform to the CVE system's rules, assign CVE IDs and ultimately publish CVEs to MITRE
  • Write/edit advisory descriptions
  • Find ways to grow the breadth, depth, and influence of GitHub AdvisoryDB, including:
      • Finding new sources of advisories
      • Extending the amount and type of data that is curated
      • Working with stakeholders, both internal and external, to help them make the best use of the dataset
      • Writing blog posts, giving talks, and other kinds of public outreach
  • Collaborate with security researchers and influence their research with data you are collecting
  • Work as part of a team.
