Similar Jobs at monday.com
We are monday.com, a global software company transforming how businesses run. Our product suite can adapt to the needs of diverse industries and use cases within one powerful platform, empowering ~245,000 customers worldwide to reimagine how work gets done, drive greater efficiency, and scale like never before.
With over 2,500 employees across the globe, we grow by prioritizing transparency and knowledge sharing. We care about the impact you make, not the hours you clock, so we encourage initiative, ownership, and fresh thinking. We back our people with flexible work, wellness and mental health support, and a work environment built on collaboration.
monday.com is looking for an application security researcher to research our platform for vulnerabilities, manage our bug bounty program, and work with R&D to enhance the security of our platform. The Application Security Team is based in our headquarters, Tel Aviv, Israel - you’ll be the first to join the team from London.
monday.com works hybrid with 3 days in the London office.
About The Role
- Perform black, gray, and white box penetration testing on monday.com’s platform - both frontend and backend.
- Manage the bug bounty program, including hacker engagement and communication with the hacker community.
- End-to-end work on reported vulnerabilities as part of the bug bounty program.
- Provide guidance on security best practices to developers.
- Embed/improve security threat modeling and secure coding in the development lifecycle.
- Develop security abuse cases for testing as part of the software development lifecycle.
- Perform and oversee security testing and manage remediation of identified vulnerabilities.
- Monitor and proactively report on current threats and vulnerabilities to application security.
- Initiate and automate processes for detecting and monitoring the platform security.
Requirements
- Scripting capabilities and automation mindset.
- At least 2 years of experience in web penetration-testing, blackbox and whitebox.
- In-depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.
- Experience working with the hacker/pen-testing community.
- Team player able to and build relationships across the organization, also remotely.
- Understanding of secure web application development.
- Comprehensive knowledge of IT and information security subject matter.
- Exposure to methods of promoting security awareness.
- Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships.
- Anticipates problems and identifies long-term implications of decisions and actions.
- Ability to work and learn alone.
- Able to prioritize workload and drive work to set deadlines.
#LI-DNI
Social Title
Application Security Researcher
Social Description
None
Our Team
None
Position Type
None
What you need to know about the Boston Tech Scene
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
