Do you want to help eliminate barriers between ideas and business outcomes? We want you to bring your unique experiences and creative ideas to the table. CA Technologies provides software and solutions that help our customers to develop, manage, and secure complex IT environments to increase productivity and enhance competitiveness in their businesses. It’s our aim to encourage global collaboration and results-oriented innovation, while supporting and developing our talented people and our communities. CA Technologies will empower you to drive authentic success, for both the business and yourself in the application economy.

The Principal Researcher at CA Veracode is responsible for conducting security research projects across a wide range of security topics. You will raise awareness of CA Veracode and drive change throughout the industry by presenting at top security conferences, publishing compelling content, and engaging with the security community. You should have a significant body of public work including presentation experience at prominent technical security conferences.

Responsibilities:

• Conceptualize, scope, and execute on security research projects across a wide range of security topics, prioritizing emerging technology areas where security research is novel such as IoT, AI/ML, cryptocurrency, cloud functions, etc.
• Produce public-facing artifacts (e.g. whitepapers, tools, presentations) that can be used to drive interest in these projects
• Promote your research by speaking at industry conferences and engaging visibly on social media and/or in other public forums

Skills & Requirements:

You should love tackling difficult problems, and you should be able to learn quickly and independently, including technologies that you’ve had no past experience with. It’s also crucial that you’re effective at both verbal and written communication to diverse audiences. Above all, you should be a creative and motivated with genuine enthusiasm, not just aptitude, for security research. We’ll expect you to bring interesting, relevant project ideas to the table. Other things we’re looking for:

• 5-10 years of practical security work experience or equivalent hobbyist portfolio, in areas such as (but not limited to) software/hardware auditing, penetration testing, vulnerability research, reverse engineering, threat modeling, SDLC, DFIR, etc.
• Prototyping ability, i.e. enough coding skills to hack together quick and dirty tools to solve a problem or demonstrate feasibility
• Seasoned, articulate public speaker, with professional demeanor and experience presenting to both technical and non-technical audiences at prominent industry conferences
• Press/media experience a plus, but not required
• Excellent attention to detail and quality
• Strong analytical, organizational, and technical writing skills
• Desire and ability to collaborate with other researchers at CA Veracode or external researchers

Artifacts: 

If not already listed on your resume, will request links to:

• Security research you’ve personally conducted (e.g. whitepapers, blog posts, etc.)
• Videos and/or slide decks of recent conference presentation(s)
• Media interviews you’ve done, if applicable