Intermediate Vulnerability Researcher, Ast: Vulnerability …, Melbourne
Intermediate Vulnerability Researcher, Ast: Vulnerability …, Melbourne
-
Melbourne, Australia -
Posted: yesterday
-
Save -
Share
Description
Role Overview As an Intermediate Vulnerability Researcher, AST: Vulnerability Research, you will help improve how GitLab detects and understands software vulnerabilities across our Application Security Testing offerings. Your work supports stronger detection in Static Application Security Testing (SAST), Secret Detection, and Composition Analysis (SCA), while contributing to future security products. You will research vulnerabilities and exploitation methods, turn findings into practical improvements, and help GitLab teams and customers get more accurate, useful security results. This role sits at the intersection of research, product quality, and security engineering within GitLab’s Engineering organization. Responsibilities
- Carry out vulnerability research and develop proof of concepts that inform GitLab security products and internal security efforts.
- Curate advisory databases for dependency scanning by reviewing, editing, and adding advisories while reducing repetitive manual work through automation.
- Build benchmarks that test the efficacy of scanning and detection products across supported security categories.
- Measure product efficacy over time and use findings to improve the quality and reliability of detection results.
- Assess security product output and perform root cause analysis to identify gaps, false positives, false negatives, and opportunities for improvement.
- Write detailed technical reports that document research findings, methods, and recommendations clearly.
- Respond to internal and external questions related to vulnerabilities, advisories, and detection behavior.
- Collaborate with Security, Development, and Product teams to apply research insights to GitLab’s integrated security capabilities. Qualifications
- Experience developing or improving vulnerability detection capabilities in web security or a closely related area.
- Knowledge of the vulnerability management process and how research connects to product outcomes.
- Understanding of software composition analysis and software supply chain ecosystems.
- Experience with source code analysis, static application security testing, dynamic application security testing, and benchmarking the efficacy of security tools.
- Knowledge of compilers and compiler design as it relates to code analysis and detection techniques.
- Experience building automated web security testing or analysis tools.
- Ability to contribute in a product development workplace and work effectively with cross‑functional partners.
- Interest in security and open source, with openness to candidates who bring transferable experience from adjacent research, application security, or detection‑focused roles. Team & Culture The Vulnerability Research team works closely with GitLab Security, Development, and Product to build, tune, and improve the efficacy of the security capabilities integrated into GitLab. We focus on practical research that strengthens detection quality, supports advisory content, and translates emerging vulnerability knowledge into product improvements across a distributed, asynchronous environment. Compensation & Benefits Base Salary Range (U.S.): $98,000—$210,000 USD. Salary is determined through interviews and a review of education, experience, knowledge, skills, abilities, equity with other team members, alignment with market data, and geographic location. The base salary range does not include bonuses, equity, or benefits.
- Health, financial, and well‑being benefits
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support Equal Opportunity GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. Our policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information, discharge status, or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process. #J-18808-Ljbffr Apply on Kit Job: kitjobau.com/job/3rphsk
- Carry out vulnerability research and develop proof of concepts that inform GitLab security products and internal security efforts.
- Curate advisory databases for dependency scanning by reviewing, editing, and adding advisories while reducing repetitive manual work through automation.
- Build benchmarks that test the efficacy of scanning and detection products across supported security categories.
- Measure product efficacy over time and use findings to improve the quality and reliability of detection results.
- Assess security product output and perform root cause analysis to identify gaps, false positives, false negatives, and opportunities for improvement.
- Write detailed technical reports that document research findings, methods, and recommendations clearly.
- Respond to internal and external questions related to vulnerabilities, advisories, and detection behavior.
- Collaborate with Security, Development, and Product teams to apply research insights to GitLab’s integrated security capabilities. Qualifications
- Experience developing or improving vulnerability detection capabilities in web security or a closely related area.
- Knowledge of the vulnerability management process and how research connects to product outcomes.
- Understanding of software composition analysis and software supply chain ecosystems.
- Experience with source code analysis, static application security testing, dynamic application security testing, and benchmarking the efficacy of security tools.
- Knowledge of compilers and compiler design as it relates to code analysis and detection techniques.
- Experience building automated web security testing or analysis tools.
- Ability to contribute in a product development workplace and work effectively with cross‑functional partners.
- Interest in security and open source, with openness to candidates who bring transferable experience from adjacent research, application security, or detection‑focused roles. Team & Culture The Vulnerability Research team works closely with GitLab Security, Development, and Product to build, tune, and improve the efficacy of the security capabilities integrated into GitLab. We focus on practical research that strengthens detection quality, supports advisory content, and translates emerging vulnerability knowledge into product improvements across a distributed, asynchronous environment. Compensation & Benefits Base Salary Range (U.S.): $98,000—$210,000 USD. Salary is determined through interviews and a review of education, experience, knowledge, skills, abilities, equity with other team members, alignment with market data, and geographic location. The base salary range does not include bonuses, equity, or benefits.
- Health, financial, and well‑being benefits
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support Equal Opportunity GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. Our policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information, discharge status, or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process. #J-18808-Ljbffr Apply on Kit Job: kitjobau.com/job/3rphsk
Highlights
-
Company nameGitlab -
Job positionIntermediate Vulnerability Researcher, Ast: Vulnerability Research (Melbourne)
-
Flag -
Block ad
Safety Tips
Be careful with commission-based ’work-from-home’ positions that offer an unrealistically high income.
Related searches
More info about this ad
Intermediate Vulnerability Researcher, Ast: Vulnerability … has been posted in the Melbourne Education & Training category on Locanto.
In this category, there are no other ads right now posted in Melbourne.
You can find the Education & Training category under Jobs. Want something else? Check out the related categories Arts & Culture, Information Technology and Part Time Jobs & Side Jobs Melbourne.
Interested in more? Widen your search to view ads in nearby areas of Melbourne. This includes Education & Training in Southbank, Fitzroy and Ascot Vale. There are more ads within a 15 km radius for this category. If you want to view those ads, click here.
