GitHub is seeking a security analyst to join its Security Lab. The qualified candidate will contribute to the curation of the GitHub Advisory Database as well as the operation of the GitHub CVE program. You will help us grow the breadth and depth of our Advisory Database, and you will help us analyze vulnerability reports for the purposes of assigning and publishing CVEs. In addition to your curation responsibilities you will also have the opportunity to grow into a security research role with the Security Lab research team.
Meet the team:
The mission of the GitHub Security Lab is to inspire and enable the community to secure the open source software we depend on. We create a home for security researchers where they can collaborate and share, with the common goal of securing open source software.
The GitHub Advisory Database is a core part of the Security Lab’s mission. The GitHub Advisory Database is unique in that it is currently the only freely licensed dataset focused on general open source vulnerabilities. The role of a Security Analyst is to manage the Advisory Database, what sources data is ingested from into the Database, and which standards are followed for the advisories in the ingested datasets.
The GitHub CVE program complements the GitHub Advisory Database. It allows open source maintainers to easily publish advisories and to associate them with CVEs, which are the industry standard for vulnerability identifiers. The successful candidate will learn and enforce the CVE rules and apply them to GitHub Security Advisories. In this role a fair amount of technical writing is required.
What You’ll Do:
Who We Are:
GitHub is the developer company. We make it easier for developers to be developers: to work together, to solve challenging problems, and to create the world’s most important technologies. We foster a collaborative community that can come together—as individuals and in teams—to create the future of software and make a difference in the world.
Customer Obsessed - Trust by Default - Ship to Learn - Own the Outcome - Growth Mindset - Global Product, Global Team - Anything is Possible - Practice Kindness
Why You Should Join:
At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where many Hubbers work, snack, and create daily. The rest of our Hubbers work remotely around the globe. Check out an updated list of where we can hire here: https://github.com/about/careers/remote
We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.
GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!
Please note that benefits vary by country. If you have any questions, please don't hesitate to ask your Talent Partner.