Overview
Required skills
- JavaScript: strong
- Kibana: good
- Selenium / Puppeteer: good
- English: strong
As a Threat Research and Script Engineer, you’ll monitor and analyze digital threats, reverse-engineer malicious code, and enhance detection capabilities.
Working closely with engineering and research teams, you’ll investigate suspicious activity, respond to emerging threats, and document findings in technical reports.
This role requires strong JavaScript skills, knowledge of browser APIs and HTTP protocols, and sharp analytical thinking to stay ahead in the cybersecurity landscape.
Customer
Our customer is a leading provider of advanced security solutions focused on protecting individuals, organizations, and digital ecosystems from a broad spectrum of threats.
Specializing in the AdTech space, the company delivers cutting-edge bot defense and anti-malvertising technologies designed to safeguard advertising platforms from fraudulent and malicious activity.
Project
In the realm of digital security, the client’s platform delivers advanced bot defense and anti-malvertising solutions tailored for the AdTech ecosystem.
By leveraging in-depth threat research and customizable detection technologies, it empowers partners including SSPs, DSPs, agencies, and publishers to proactively safeguard their systems and maintain secure, trustworthy ad environments.
Requirements
- At least 4 years of experience as a Software Engineer
- 1+ years of experience in Core Vanilla JavaScript
- Strong refactoring and reverse engineering skills, meaning understanding the execution flows, side effects, implications and intentions of the code being inspected (needed for malicious code reverse engineering purposes)
- Knowledge of different browser APIs
- Knowledge of CS fundamentals, algorithms, and data structures
- Understanding of browsers, browser security policies
- Understanding of HTTP protocol
- Upper-Intermediate level of English
Would be a plus
- Experience with obfuscation and deobfuscation
- 1+ years with any web driver-based technology (Selenium, Puppeteer, etc.)
- Strong debugging skills including debugging 3rd party mobile applications and analyzing their traffic using MITM-proxy (Charles/Fiddler/mitmproxy/Burp Suite) and other tools (Postman etc.)
- Good understanding of code transformation tools and/or bundlers
- Bulletproof coding skills in terms of “can”/“cannot”, not “should”/“should not”
Personal Profile
- Ability to work effectively without constant supervision and manage tasks autonomously
- Willingness to take initiative, seek out missing information, and follow up without being prompted
- Strong sense of responsibility, with a commitment to owning and completing tasks thoroughly
- Ability to communicate in a structured and professional manner, especially with external stakeholders
Responsibilities
- Monitor existing threats by analyzing logs, detection mechanisms, and dashboards (e.g., Kibana)
- Investigate suspicious activity detected in logs and ensure appropriate mitigation steps are taken to prevent missed threats
- Research and respond to reported threats, including escalations and complaints from customers
- Analyze intelligence received from competitors and other industry sources to stay ahead of emerging threats
- Proactively research and identify new types of threats through open-source intelligence and internet investigation
- Act as a bridge between the script engineering team and the threat research team, understanding script capabilities and identifying ways to improve threat detection and mitigation
- Support and maintain the detection scripts by investigating and fixing issues that arise on Customer websites
- Conduct in-depth investigations to explain unusual or suspicious patterns, ensuring a thorough understanding of threat scenarios
- Write forensic reports and technical documentation (AKA “smoking guns”) describing potential attacks and how they were prevented