Intermediate Vulnerability Researcher, AST: Vulnerability Research at Gitlab

This role is perfect for a security professional who has spent time digging into how code-scanning tools actually work under the hood. You should have a solid background in web security, vulnerability management, and specifically how compilers or static analysis can be used to catch flaws in the software supply chain. **What makes it worth a look...** The pay range is exceptionally broad, reaching up to $210,000 for a mid-level role, and includes equity and an employee stock purchase plan. Beyond the compensation, you get to work in a fully remote, asynchronous environment with high-end perks like a home office stipend and a growth and development fund. **You might be a good fit if you...** * Have built or tuned automated web security tools like SAST or DAST. * Can perform root cause analysis to explain why a scanner missed a bug or flagged a false positive. * Understand the technical nuances of software composition analysis and dependency vulnerabilities. * Are comfortable writing proof-of-concept exploits to validate your research findings.