At Jit, we're on a mission to help engineering teams build secure software, faster.
We're looking for an Application Security Researcher with a strong AppSec background to join our growing team and push the boundaries of what modern application security can do.
Passionate about AppSec? Ready to shape the future of application security tooling? Join us.
Responsibilities:
- Build and maintain an advanced security research lab to test, evaluate, and supercharge detection tools.
- Analyze tools across multiple domains: SAST, SCA, DAST, Secret Detection, IaC Scanning, Container Scanning, CSPM, and more.
- Identify detection gaps and develop techniques and rules to close them.
- Leverage Python and AI practices to automate research and drive smarter detection strategies.
- Monitor emerging threats, CVEs, and high-profile incidents - and develop relevant detection content and platform enhancements.
- Write and publish technical content covering vulnerabilities, detection strategies, incident analysis, and research findings.
- Collaborate closely with engineering, product, and marketing to translate research into product innovation and thought leadership.
What are we looking for?
- 3+ years of hands-on experience in Application Security, with strong knowledge of software vulnerabilities, secure coding practices, and modern development workflows.
- Deep familiarity with at least one major AppSec domain: SAST, SCA, Secret Detection, IaC Scanning, Container Scanning, CSPM, or DAST.
- Strong Python skills.
- Familiarity with CI/CD pipelines and modern DevOps workflows.
- Ability to thrive in a fast-paced, dynamic startup environment.
Bonus points for:
- Hands-on experience using AI tools and practices.
- Experience working with Docker containers.
- Knowledge of cloud-native security challenges (AWS, GCP, Azure).
- Contributions to open-source security tools, technical blogs, or research publications.
Why Jit?
At Jit, you’ll join a passionate, fast-moving team on a mission to simplify and automate security for developers.
You'll get ownership, autonomy, and the chance to make a real impact on a product that’s redefining how software gets secured.
