Security Researcher

About Netsparker

We are a young and dynamic company with great technical skills and a passion for web application security. We are currently developing one of the most innovative security scanners in the market, used by thousands around the world, including an impressive list of leading companies and government agencies.

Although the company is based in London (UK), its entire workforce is virtual, with team members around the world using the latest tools and techniques to contribute, collaborate and get their jobs done.

To keep it real, we meet up occasionally (most recently in Cappadocia) but, for the most part, we prefer to sidestep the outdated rituals of old-school business. We have no dress code or fixed working hours and we don’t suffer from micro-management; just a shared determination to make our product better and to satisfy the needs of our enthusiastic customer base.

Every aspect of our business operates within an agile results-driven “startup” mindset. We exchange information freely within our team and encourage every member to take risks that will give us an edge on our competition.

If this sounds like the kind of ethos that would suit your personal style, why not check out the job spec and then tell us how you fit the bill?

Web Application Security Researcher

You will join to the Netsparker security & research team as a Web Application Security Researcher.

Required Skills & Knowledge

  • A very deep understanding of web application security vulnerabilities (both client-side and server-side)
  • A hands on experience in exploitation of web application security issues
  • Basic web application development skills (e.g. ASP.NET, ASP, PHP, PERL, J2EE, JSP)
  • Basic system administration skills such as installing and maintenance of operating systems (Windows and Linux), web/application servers and database systems


  • Research and development of new web vulnerability detection techniques
  • Developing attack signatures and heuristic models for the known security vulnerabilities
  • Writing vulnerable test cases for each added security check
  • Diagnosing security check bugs
  • Following the latest techniques in the field
  • Providing content for regular blog posts, tools and conference presentations

Required Soft Skills

  • Good written and verbal communication skills (English)
  • Self-motivated
  • Ability to work remotely as part of a virtual team
  • Good interpersonal skills
  • Familiarity with the following concepts: RTFM, DRY, GTD, JFGI


This is a remote-only position. You must be able to work around the GMT+0 time zone.

How to Apply

Email your CV to