Threat Detection and Script Engineer

Requirements

• At least 4 years of experience as a Software Engineer
• 1+ years of experience in Сore Vanilla JavaScript
• Strong refactoring and reverse engineering skills, meaning understanding the execution flows, side effects, implications and intentions of the code being inspected (needed for malicious code reverse engineering purposes)
• Knowledge of different browser APIs
• Knowledge of CS fundamentals, algorithms, and data structures
• Understanding of browsers, browser security policies
• Understanding of HTTP protocol
• Upper-Intermediate level of English

Would be a plus

• Experience with obfuscation and deobfuscation
• 1+ years with any webdriver-based technology (Selenium, Puppeteer etc.)
• Strong debugging skills including debugging 3rd party mobile applications and analyzing their traffic using MITM-proxy (Charles/Fiddler/mitmproxy/Burp Suite) and other tools (Postman etc.)
• Good understanding of code transformation tools and/or bundlers
• Bulletproof coding skills in terms of “can”/”cannot”, not “should”/”should not”

Personal Profile

• Ability to work effectively without constant supervision and manage tasks autonomously
• Willingness to take initiative, seek out missing information, and follow up without being prompted
• Strong sense of responsibility, with a commitment to owning and completing tasks thoroughly
• Ability to communicate in a structured and professional manner, especially with external stakeholders

Responsibilities

• Monitor existing threats by analyzing logs, detection mechanisms, and dashboards (e.g., Kibana)
• Investigate suspicious activity detected in logs and ensure appropriate mitigation steps are taken to prevent missed threats
• Research and respond to reported threats, including escalations and complaints from customers
• Analyze intelligence received from competitors and other industry sources to stay ahead of emerging threats
• Proactively research and identify new types of threats through open-source intelligence and internet investigation
• Act as a bridge between the script engineering team and the threat research team, understanding script capabilities and identifying ways to improve threat detection and mitigation
• Support and maintain the detection scripts by investigating and fixing issues that arise on Customer websites
• Conduct in-depth investigations to explain unusual or suspicious patterns, ensuring a thorough understanding of threat scenarios
• Write forensic reports and technical documentation (AKA “smoking guns”) describing potential attacks and how they were prevented