Role Description
**The Security Research team**
This team is currently composed of security researchers with a focus to make sure that the members of Detectify Crowdsource - our network of ethical hackers - are engaged and enjoying the best possible experience when collaborating with Detectify.
When our hackers submit a vulnerability through our Crowdsource platform, our team builds a module for it and adds it into the Detectify service. By reporting the vulnerability to us, it becomes a security test which is then made available to all our customers – this is how Detectify combines automation and crowdsourcing.
These tests come in various, unique flavors, and are driven by crowdsourced security knowledge. We in the Module development team team are responsible for validating, configuring and executing such tests on our customer’s web applications.
We aim for the best possible scanning performance with comprehensive coverage of possible security issues optimizing for flow, fast feedback and quality. We follow lean and DevOps concepts, aiming to be innovative, helpful, and have a strong sense of ownership for all the things we build.
**What You'll Get To Do**
As a Security researcher, your main responsibility will be to validate and implement proof of concepts, uploaded by our Crowdsource and internal researchers, into our scanners. This is a great opportunity to boost you knowledge around hacking and vulnerabilities
**Other Responsibilities Include**
* Communicate with our internal security researchers in order to gather all necessary information to understand the submitted vulnerabilities.
* Develop modules from vulnerability reports using JSON-based DSL or Go.
* Perform code reviews to ensure accuracy and reduce false positives.
* Consistently review behavior of implemented modules to identify false positives or negatives.
Work with continuous automation of module development.
**Who You Are**
We believe that you are a student finishing your last year or maybe even finished, and want to do your learning in practice (LIA) with us here at Detectify for a period of 6 months. You are a highly versatile and self-motivated individual who can create and drive change. You are involved with the security community and understand how vulnerabilities work. You have a
**strong interest for internet security**
and you want to engage with an international network of security researchers.
**Ideally you have some hands on experience of bug bounty or CTF (Capture the flag) or similliar.**
**So, what do you think?**
We are proud to foster an inclusive workplace free from discrimination. We strongly believe that diversity of experience, perspectives, and background will lead to a better environment for our employees and a better product. This is something we value deeply and we encourage everyone to be a part of changing the way the world thinks about security! Go hack yourself!
**Location**
This position is for the Stockholm office and we'd like to see you there in person a few times per week
Detectify sets a new standard for advanced application security testing, challenging traditional Dynamic Application Security Testing (DAST) by providing evolving coverage of each and every exposed asset across the changing attack surface. AppSec teams trust Detectify to expose how attackers will exploit their Internet-facing applications.
The Detectify platform automates continuous real-world, payload-based attacks fuelled by its global community of elite ethical hackers into its own expert-built engines, exposing critical weaknesses before it's too late. Go hack yourself.