Researching web frameworks and servers to identify and understand emerging threats
Examining and replicating newly disclosed web application vulnerabilities
Focusing on WAF (Web Application Firewall) evasion techniques to preemptively bypass defenses before hackers can
Creating innovative proof of concept solutions for advanced threats and continuously refining attack signatures
Gathering web security intelligence from blogs, forums, conferences, and academic papers
Building tools and infrastructure for analyzing attacks
Composing and distributing insights through blogs, reports, and presenting at security conventions
Periodically performing security efficacy assessments on a variety of products to verify and improve their defense capabilities

Requirements

At least 2 years of experience in analyzing real web attacks or web exploitation
A deep knowledge of networking fundamentals, the HTTP protocol, web servers, and the inner workings of web applications
Experience in tracking emerging web vulnerabilities in real-time
Experience in building research infrastructure and Python-based tools
Experience with creating and comprehending Regular Expressions for detailed pattern matching and security-related data analysis
In-depth knowledge of security principles, theories, and recognized attack vectors
Experience in creating attack signatures, such as with tools like SNORT.
Advantage: Analyzing binary malware and malicious scripts
Advantage: Knowledge in web development (front and back end)

Benefits

Incentive compensation
Bonus
Restricted stock units
Health benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

web application vulnerabilitiesWAF evasion techniquesproof of concept solutionssecurity efficacy assessmentsnetworking fundamentalsHTTP protocolRegular Expressionsattack signaturesbinary malware analysismalicious scripts analysis

Soft skills

research skillsanalytical skillscommunication skillspresentation skillsinsight distribution