About Socket
Simplifying blockchain integration for developers everywhere
Key Highlights
- Over 100 trusted wallets and apps including Coinbase & Metamask
- Processed $10 billion+ in transaction volume
- 7 million+ transactions across multiple blockchains
- Headquartered in San Francisco, CA
Socket is pioneering the first Chain Abstraction protocol, allowing developers to seamlessly integrate with any app, user, and asset across various rollups and chains. Trusted by over 100 wallets and applications, including Metamask, Coinbase, and Opensea, Socket has processed more than $10 billion ...
🎁 Benefits
Socket offers competitive salaries, equity options, flexible remote work policies, and generous PTO to support work-life balance....
🌟 Culture
Socket fosters a culture of innovation and collaboration, prioritizing engineering excellence and a remote-friendly environment that encourages creati...
Vulnerability Research Engineer • Mid-Level
Skills & Technologies
Overview
Socket is hiring a Vulnerability Research Engineer to build and scale patching infrastructure for secure package delivery. You'll work with JavaScript and Node.js to create patches for critical vulnerabilities. This position requires deep technical expertise in vulnerability detection and patching processes.
Job Description
Who you are
You have a strong background in vulnerability research and patching processes — you've worked on projects that required deep technical knowledge of security practices and tools. Your experience with JavaScript and Node.js allows you to effectively contribute to the development of automated patching infrastructure. You are passionate about supply chain security and understand the importance of maintaining a secure open source ecosystem.
You thrive in collaborative environments — you enjoy working with cross-functional teams to prioritize high-impact vulnerabilities and deliver solutions that benefit the community. Your ability to communicate complex technical concepts clearly makes you a valuable team member. You are proactive in seeking out opportunities to improve processes and tools, ensuring that the patching efforts are efficient and effective.
What you'll do
In this role, you will master Socket workflows and tools, leading patching efforts for high-impact vulnerabilities across npm packages. You will scale patch production to dozens or hundreds of patches per week, helping to select and prioritize high-value patches based on ecosystem and customer impact. Your technical input will be crucial in determining patch prioritization, ensuring that the most critical vulnerabilities are addressed promptly.
You will build and improve automated patching infrastructure and tooling, designing and implementing scalable patch generation and delivery systems. Your work will involve developing automated vulnerability detection and patch creation processes, contributing to the overall security of the open source ecosystem. As an early member of the Socket team, you will have the opportunity to shape how we scale this technology and make a meaningful impact on the community.
What we offer
At Socket, we foster a culture of ownership and collaboration, where every team member feels empowered to contribute to our mission. We prioritize customer needs and strive to exceed their expectations, creating a positive impact in the developer community. Join us to be part of a team that values innovation and security, and help us build a safer open source ecosystem.
Interested in this role?
Apply now or save it for later. Get alerts for similar jobs at Socket.
Similar Jobs You Might Like
Based on your interests and this role
Vulnerability Analyst
Coalfire is hiring a Vulnerability Analyst to enhance their vulnerability management processes and drive compliance in cloud-based environments. This role requires a strong understanding of cybersecurity challenges and a collaborative mindset.
Security Engineer
Bugcrowd is hiring a Cleared Vulnerability Research Engineer to focus on end-to-end exploit development for real-world targets. You'll work with technologies like Python and Metasploit to design and validate novel vulnerability discovery capabilities. This position requires strong technical skills and the ability to work independently.
Security Engineer
Celonis is seeking a Senior Vulnerability Management Engineer to safeguard their cloud-native and on-prem infrastructure. You'll execute vulnerability scans and provide actionable intelligence to remediation teams, requiring 5+ years of experience in vulnerability management.
Security Engineer
Horizon3 AI is hiring a Senior Attack Engineer - Vulnerability Research to develop and maintain their NodeZero platform. You'll leverage the latest InfoSec news to weaponize newly discovered vulnerabilities. This position requires strong skills in Metasploit, Python, and Linux.
Security Engineer
Meta is hiring a Security Engineer specializing in Vulnerability Management to enhance the company's security posture. You'll collaborate with cross-functional teams to identify and prevent vulnerabilities during the development process. This role requires experience in security practices and tools.