Security Analyst

Description

Cycode is a rapidly growing cybersecurity startup and creator of the world’s first complete software supply chain security solution. According to Gartner, software supply chain attacks (like the one that impacted Solarwinds) will affect 45% of organizations and grow three-fold by 2025. Unfortunately, traditional AppSec offers little protection against these devastating threats. That’s where Cycode comes in. Our platform provides customers with complete visibility, security, and integrity across all phases of the software development lifecycle (SDLC) — to prevent them from becoming the next Solarwinds.

Cycode was founded in 2019 and is backed by top venture capital firms YL Ventures and Insight Partners. We’ve received numerous awards and recognition including being named one of the top cybersecurity startups in the Cyber Defense Magazine Top 100 (2020), Accel 2021 Euroscape Top 100, Analytics Insight “Top Cybersecurity Companies to Watch in 2021”, winner of the 2021 Cyber Defender Award and a finalist for the 2021 CISO Choice in Application Security. In 2023, we won Cyber Defense Magazine's Top Infosec Innovator.

As a security analyst, you will be an integral part of our security team and responsible for identifying, analyzing, and mitigating security threats across our AppSec solutions. You will work closely with our development and product teams to ensure the highest security standards.

Responsibilities:

• Conduct security assessments of AppSec scanners, including Secrets Detection, SCA, Static Analysis, IaC, and leak detection engines.
• Enhance the scanners by adding policies that improve their effectiveness based on thorough analysis and recent market trends.
• Improve graph database offering by developing risk-based queries to identify and prioritize security issues for customers.
• Analyze security vulnerabilities to enhance our reachability analysis engine, ensuring accurate identification and prioritization of vulnerabilities.
• Integrate threat intelligence data into the platform to boost detection and response capabilities.
• Research and stay up-to-date with the latest AppSec trends, attack vectors, and mitigation strategies.
• Conduct in-depth analysis of large-scale cybersecurity data sets to identify patterns, trends, and anomalies.

Requirements

• B.Sc in Computer Science/Software Engineering or a related field
• 1+ years of experience in application security, information security, or a similar role (internships and relevant projects considered).
• Ability to write scripts and POC code through various languages
• Understanding of security principles, vulnerabilities, and threat modeling.
• Excellent analytical and problem-solving skills.
• Strong communication and teamwork skills and ability to work with internal R&D and Product teams
• Fluent English