CA Technologies Research Engineer in Collyer Quay, Singapore

Do you want to help eliminate barriers between ideas and business outcomes? We want you to bring your unique experiences and creative ideas to the table. CA Technologies provides software and solutions that help our customers to develop, manage, and secure complex IT environments to increase productivity and enhance competitiveness in their businesses. It’s our aim to encourage global collaboration and results-oriented innovation, while supporting and developing our talented people and our communities. CA Technologies will empower you to drive authentic success, for both the business and yourself in the application economy.

Job Overview

As a Software engineer you will work closely with the CA Veracode engineering team to research and maintain our vulnerability database. You will also help identify new vulnerability data sources and implement processes to improve the quality of our data. As part of this team you will get the opportunity to work on improving the state of security in open-source code. We provide a great engineering culture and give lot of autonomy to individuals to work on interesting problems relevant to our business that can have big impact.

  • Responsibilities:*

  • Review incoming commits, emails, and bug reports to look for vulnerabilities in open source libraries

  • Triage the newest vulnerabilities released

  • Track library release notes and associated security bulletins Publish high quality vulnerability advisories with exploit information, details about risk, and mitigation/workaround details

  • Develop tools and techniques to identify new vulnerabilities and analyze vulnerable methods

  • Perform risk assessments on vulnerabilities identified, then describe the risk posed to customers

  • Use in-house tooling and/or custom tooling to do low probability, high payoff moonshot style research into the most popular libraries

  • Other activities relating to security research around library vulnerabilities

  • Required Skills:*

  • BS/MS in Computer Science or related field, or relevant industry experience is required

  • 0-2 years experience in vulnerability analysis

  • Working knowledge of programming languages such as Java, Python, JavaScript, Ruby, Go, or C/C++

  • Knowledge of package management systems such as Maven, RubyGems or Npm

  • Knowledge of software security vulnerability types and common attack methods

  • A strong ownership attitude and a track record of taking responsibility for problems, deadlines, and SLAs

  • Strong problem solving and communication skills

  • Strong written (English) and verbal communication skills necessary for writing up vulnerability publications

  • Desired Skills:*

  • Familiarity working in an environment that heavily utilizes cloud services and cloud-based infrastructure

  • Experience working as a security researcher,

  • Enjoys working on low probability but huge payoff research problems

  • Familiarity working in an environment with strict security requirements

  • More About Working at CA:*

CA has earned scores of global Workplace Excellence awards in the last few years – and there’s a reason for that. Here you’ll have the opportunity to eliminate barriers for our customers and earn a competitive compensation and total rewards package – all while pushing the boundaries of what’s possible by collaborating with a diverse team of global innovators. In short, CA’s fun, diverse, and fast-paced culture has put us on the map as one of the best employers in Information Technology.

Learn more about CA Technologies and this opportunity now at

/ Note to Recruiters and Placement Agencies: We do not accept unsolicited agency resumes. Please do not forward unsolicited agency resumes to our website or to any of our employee. We will not pay fees to any third party agency or firm and will not be responsible for any agency fees associated with unsolicited resumes. Unsolicited resumes received will be considered our property and will be processed accordingly./