research
Posted Nov 26, 2025
Vulnerability Research Engineer
at Socket
United States, Remote
Responsibilities
What You'll Do
- Master Socket workflows, tools, and patching processes
- Lead patching efforts for high-impact vulnerabilities across npm packages
- Scale patch production to dozens or hundreds of patches per week
- Help select and prioritize high-value patches
- Provide technical input on patch prioritization based on ecosystem and customer impact
- Build and improve automated patching infrastructure and tooling
- Design and implement scalable patch generation and delivery systems
- Develop automated
Requirements
- benefits the entire ecosystem. As an early member of the Socket team, you’ll help shape how we scale this technology across the JavaScript ecosystem and beyond.
- experience with production systems
- Strong proficiency in Node.js, JavaScript, and TypeScript
- Experience with package managers (npm, yarn, pnpm) and the JavaScript ecosystem
- Understanding of software security concepts and vulnerability management
- Experience building and scaling APIs and data processing pipelines
- Familiarity with automated testing, CI/CD, and deployment systems
Preferred:
- Experience with security tooling, vulnerability scanning, or patch management
- Knowledge of software supply chain security challenges
- Experience with other package ecosystems (Python, Go, Rust, etc.)
- Open source contributions or package maintenance experience
- Background in DevSecOps or security engineering
- Experience with high-throughput data processing systems
Our Interview Process
1.
- Feel a strong sense of ownership: We wear many hats and feel a strong sense of overall ownership of the company and we're non-territorial regarding our nominal domains. 6.
Benefits
We offer:
- Market competitive salary bands
- Meaningful equity program
- Comprehensive health benefits for you and your family (99% coverage)
- Flexible time-off, holidays, and winter shutdown to rest & recharge
- Paid parental leave
- Remote-first, with quarterly team off-sites
At Socket, we 1.