Threat Analyst

Job Description

Who We Are

Socket's mission is to help developers and security teams to ship faster and spend less time on security busywork. Thousands of organizations use Socket to safely discover, audit, and manage their open source code. Our customers – from Figma to Vercel – absolutely love Socket (just read their tweets to see for yourself!)

The company was founded by Feross Aboukhadijeh, who has worked in open source software for 10+ years writing software that receives more than a billion downloads per month. We have raised $65M in funding from the best angel investors, operators, and security leaders in the industry.

Role

Socket is looking for a Security Analyst to join its growing team. In this role, you will be responsible for reviewing threats flagged by our proprietary LLM-based AI scanner, work on enhancing our malware analysis workflow, and improve Socket’s static code analysis capabilities across various programming languages.

Responsibilities

• You will review and triage threats flagged by Socket’s proprietary LLM-based AI scanner
• You will work on improving our AI threat review workflow and automate repetitive tasks involved in analyzing malware at scale with custom scripts and improvements to the platform
• You will improve Socket’s static code analysis for a variety of programming languages
• You will write up and report findings in a clear and comprehensible manner
• You keep informed about the latest developments in cybersecurity and emerging threat vectors

What We're Looking For

• 2 plus years of work experience in a related field or a Bachelor’s Degree in Computer Science, Computer Engineering, Cyber Security etc.
• Passion for open-source and code
• Understanding of software security principles and vulnerabilities
• Proficiency in at least one programming language; knowledge of TypeScript/JavaScript is a plus
• Ability to work effectively in a collaborative team environment and to communicate complex security issues
• Eagerness to learn and build a career in security research
• Excellent problem-solving skills and attention to detail

At Socket, we

1. Pursue Excellence: We set ourselves apart by consistently delivering work of exceptional quality and distinction.
2. Move with urgency and focus: We prioritize swift, decisive action.
3. Think rigorously: We care about being right and it often takes reasoning from first principles to get there. We value alternative perspectives and have constructive discussions.
4. Trust and amplify: We overtrust, always assume good intent, and give specific feedback to help each other improve.
5. Feel a strong sense of ownership: We wear many hats and feel a strong sense of overall ownership of the company and we're non-territorial regarding our nominal domains.
6. Are customer obsessed: We relentlessly prioritize the needs of our customers, striving to exceed their expectations and delight them at every interaction.