Join the Mend Team!

It’s an exciting time to be at Mend.
Here, helping our people thrive lies at the heart of our culture. The people who drive our success are a global and diverse group who support each other and share a passion for safeguarding a digital world.

At Mend we are building a strong, diverse team of curious, creative people who support each other and produce innovative software products.

Software Engineer – SAST Group

Kraków, Małopolskie, Poland

Mend is passionate about safeguarding the applications that power our digital world. We are a fast-growing company with a vision for building next-level application security that developers and security teams both love to use. We have offices in Boston and Tel-Aviv as well as a global workforce of remote workers. 

Our culture is open, inclusive, and engaging, and we work hard to foster a company where everyone feels valued.

Mend is a company that lives by its values:

  • We are passionate about excellence
  • We see the world from the customer’s perspective
  • We are better together

We are seeking a brilliant and independent Application Security Engineer to join our team.

This position is a one-of-a-kind opportunity to join a unique team responsible to create the next generation of security detection and remediation platform. You will make a remarkable impact on Mend and on the entire security application industry.

We are looking for security application enthusiasts. If you are up for the challenge, come and join us!

We are expanding our portfolio of products, by starting the development of a new, State-Of-The-Art, cloud-based solution in the field of application security via static application security testing (SAST).

Responsibilities:  

  • Developing and improving Mend SAST for various programming languages
  • Performing security source code analysis.
  • Analyze application vulnerabilities and provide mitigation strategies.
  • Analyzing different programming frameworks in different programming languages for potential sources and sinks for SAST.
  • Handle complex cases escalated from other teams.

Requirements: 

  • At least 3 years of hands-on experience in Perl and Java programming – Must!
  • Understanding at least 2-3 of the following programming languages -Java, C#, Go, JS, Python, PHP, Ruby, etc- Must!
  • At least 3 years of experience in application security or security research, including the understanding of application security attacks, vulnerabilities, and mitigations- Big Advantage!
  • Language agnostic approach to vulnerability identification in the source code (ability to read multiple programming languages source code and identify vulnerable parts).
  • Knowledge of common Web Application security vulnerabilities (OWASP TOP10, SANS 25, etc.)
  • Experience with static code analysis (fuzzing tools are a plus, but not necessary ).
  • Excellent English – written and verbal.
  • Independence and can-do attitude, ambitious with a high work ethic.
  • Excellent interpersonal and communication skills.

Advantages: 

  • BSc or BA in Computer Science or a similar degree. 
  • Experience working with development teams.
  • Experience with bug bounty research or published advisories or exploits for discovered 0day vulnerabilities in applications. 
  • Knowledge of PERL scripting languages or the desire to acquire this experience.
  • Regular Expressions knowledge, or the desire to acquire experience with RegEx.


Mend’s Diversity Commitment

At Mend, we believe bringing together diversity of experience and background creates a better place to work, a better product, and more opportunities to innovate. Mend is committed to doing its part to mend the equity gap, fostering a safe, inclusive environment to inspire and support employees to be their authentic selves and provide development opportunities for all.