***Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about *finding* risk, but *remediating* it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders.
We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies including Siemens, Airbus, SalesForce, Stellantis, Adidas, Wal\-Mart and Sanofi.
*What you’ll do**
Perform in\-depth analysis of open\-source packages to identify malicious behavior
Analyze source code across multiple programming languages
Investigate obfuscation, suspicious execution flows, and hidden payloads
Evaluate and validate detections from security tools
Develop scripts and internal tools (primarily in Python) to support analysis
Collaborate with the SCS research team and other security teams in the group
Requirements
*What we’re looking for**
2–3 years of professional experience in malicious code analysis or security research
Strong understanding of malicious code patterns and supply\-chain attack techniques
Experience using Python for analysis or automation
Familiarity with both interpreted and compiled languages