Open Source Security Threat Researcher - Ottawa, Canada - Trend Micro

Trend Micro

Verified Company

Ottawa, Canada

3 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, world-leading global threat research and intelligence, and continuous innovation, our cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints

With 7,000 employees across 65 countries, and the world's most advanced global threat research and intelligence, Trend Micro enables organizations to simplify and secure their connected world.

Overview:
We are a world-class Information Security team, one of the best in Canada. We specialize in Cloud and Container threat research, vulnerability research and rules development.

As an Open Source Security Threat Researcher, you will be responsible for developing and maintaining an intelligence feed of known and unkown vulnerabilities in open-source software.

Your main goal will be to ensure that the intelligence feed provides timely and accurate information to customers, enabling them to proactively identify and remediate vulnerabilities in their environments.

Responsibilities:

Research and monitor opensource software for new vulnerabilities and potential threats.
Collect, analyze and process vulnerability data from various sources.
Develop scripts and tools to automate the collection and processing of vulnerability data.
Write comprehensive vulnerability reports and advisories for different opensource projects.
Collaborate with other security professionals to identify emerging trends and new security threats.
Develop and maintain relationships with the open source community and security researchers to keep uptodate with the latest security research.
Continuously improve the vulnerability intelligence feed by incorporating feedback from customers and incorporating new sources of vulnerability data.

Qualifications:

Experience Required:
Experience in vulnerability research, intelligence, or related field.
Strong knowledge of open-source software and their vulnerabilities.
Familiarity with vulnerability databases such as CVE, NVD, and CVSS.
Experience in developing scripts and tools for data collection and processing.
Some experience in one or more of these programming languages python, ruby, javascript
Intimate familiarity with OWASP top 10
Knowledge SCA tools, SAST, DAST etc.
Knowledge of DevOps and DevSecOps
Excellent analytical and problem-solving skills.
Strong written and verbal communication skills.
Ability to work in a fast-paced, dynamic environment.
This job description is a general outline of the key responsibilities and qualifications for an Open Source Security Threat Researcher. Other duties and requirements may be added as needed.