About Netskope

Within Netskope Engineering, we have invented a Next Generation SaaS Security Posture Management (SSPM) tool that gives enterprises workload and compliance visibility to protect critical data within their numerous Software-as-a-Service deployments. The research team for this product works as content producers, pathfinders and minesweepers. The researcher's duties are to discover the best solutions to the problems our customers are facing before they know they have them and to find flaws in our design choices before we engineer them.

For this mission, we are looking for a new staff security researcher to lead a team investigating security-focused application integrations and content development for the platform.

About the role

We believe Netskope’s SSPM team is the best place for you to work if you seek:

• An opportunity to shape the design of a novel product and have a significant role on the impact it makes in the enterprise security domain.

• To solve intellectually rewarding problems with a meaningful purpose.

• A position with high agency and trust on how you choose to work.

• An amazing work environment, competitive compensation, benefits and great perks.

• The rest of the great reasons to join Netskope as described in https://www.netskope.com/company/careers

Job Responsibilities

Some examples of the problems the team needs to solve could include:

• Implement security and compliance content to the product. Help make the correct security configuration decisions on behalf of our customers.
• Investigate SaaS design and data models and translate them to security graphs consumed by the SPM product. Study API design, hardening manuals and security best practices to discover the essential security caveats of the target applications.
• Find novel solutions to provide visibility, security, compliance and remediation tools for enterprise SaaS application environments.
• Explore different threat vectors for cloud services.
• Support multiple stakeholders such as engineering, research, product management, customer success, and customer support teams as a domain expert.
• Public writing and presentation opportunities, such as publishing articles, blogs or papers in relevant conferences.

Essential Qualifications

BS (MS Preferred) - Computer Science, Information Security or comparable experience.

Broad work experience in the information security domain. Experience in securing SaaS applications is an asset.

Domain Experience

The technical domains you would be working on day one would benefit from demonstrable familiarity of the following:

• A solid understanding of Information Security and applying it on unknown domains. Ability to translate and communicate information security concepts and requirements to various audiences.
• Experience from security analysis work, pentesting, enterprise SaaS deployment hardening duties or from security content development.
• Proficient in scripting language of one’s choice to be able to solve technical problems with code.
• Experience with public cloud security and other security solutions is an asset. Experience on novel product development, API-based automation and programming are great merits as well.

Additional Skills

To perform this duty successfully, a candidate ideally has the following non-technical skills:

• Great written and verbal communication skills.
• Management, coaching, mentoring and leadership skills.
• Fast learner, intuitive and creative. Comfortable working in unknown domains.
• Be opinionated and not afraid of expressing oneself.
• Precise, careful and detail oriented.
• Ability to work in a geo-distributed cross-functional group in asynchronous fashion.

#LI-NN1