Software Security Researcher / Engineer

Deine Rolle im Team

• Developing and maintaining a continuously updating security knowledge base, integrating sources such as CVE, CWE, and other security intelligence feeds.
• Designing and curating high-quality datasets, including real-world vulnerabilities and synthetic scenarios for AI model training.
• Developing software security analysis techniques to detect critical vulnerabilities across complex codebases.
• Designing structured, context-rich representations of vulnerabilities and security insights for consumption by AI agents.
• Contributing to the integration of security knowledge and analysis pipelines into AI-driven workflows.
• Evaluating detection accuracy and improving coverage across different vulnerability classes.

Unser Angebot

• Work on cutting-edge research at the intersection of AI and software security.
• Contribute to technology that addresses real-world, high-impact security challenges.
• Be part of a highly ambitious, research-driven team.
• Shape the future of autonomous, intelligent security systems.
• A challenging and exciting role with a high degree of creative freedom in a research institution dedicated to shaping the future of information security in a scientific and strongly international environment.
• A strong commitment to work-life balance and equal opportunities; all positions are generally suitable for part-time work.
• Compensation and social benefits in accordance with the German public sector collective agreement (TVöD Bund).
• A fixed-term position.
• Up to two days of remote work per week (subject to operational requirements).
• Flexible working hours.
• Occupational pension scheme (VBL).
• Opportunities for professional development and further training.
• Subsidized job ticket.
• Social and team-building activities.
• Workplace health management programs.

Technologien und Skills

• Rust
• Go

Unsere Erwartungen an dich:

Qualifikationen

• Solid understanding of common vulnerability classes such as OWASP Top 10, CWE, and CVE ecosystems.
• Solid knowledge of secure coding practices in various languages.
• Deep understanding of contextual and chained code-related vulnerabilities (real-world & CTF).
• Understanding of software architecture, APIs, and modern development practices.
• Strong programming skills, proficiency in Go or Rust is a plus.
• Have worked on large-scale or real-world software systems and security analysis pipelines.
• Have developed or applied code reachability analysis methods for vulnerability detection or prioritization.
• Have a track record of contributing to the broader security community or publishing original research, finding vulnerabilities in various code bases.

Erfahrung

• Experience with program analysis techniques, including static and dynamic analysis and taint tracking.
• Solid experience with existing SAST and DAST tools.
• Experience working with vulnerability datasets and security benchmarks.
• Have experience applying machine learning to software security tasks.
• Have experience building or maintaining a security intelligence layer that integrates vulnerability data, threat intelligence, and system-specific context.
• Have experience with program analysis tools such as Tree-sitter.

Ausbildung

• Bachelor's degree in Computer Science or a related field, Master's or PhD preferred.

Benefits

• Flexible Arbeitszeiten
• Home Office