Security Researcher - Analyst

About the Role

Title: Security Researcher/Analyst - anti-malware product (Web Protection Team), remote

Location: anywhere in the world. Remote

Type: Full-time

Workplace: Fully remote

Job Description:

Our growing Imunify Security team is looking for a Security Researcher/Analyst. You will be responsible for analyzing various types of web threats aimed at the web hosting servers and improving our products to prevent infections in the future. This is a great opportunity to unleash your talents in web application security.

Imunify360 Security Suite is a product of CloudLinux Inc., the maker of the #1 OS in security and stability for hosting providers. It is an innovative security solution designed specifically for shared and VPS/Dedicated servers. The automated, easy-to-use solution with the six-layer approach to security delivers comprehensive and complete attack prevention. Work is fully remote, with flexible hours, so you can plan your day and work from anywhere in the world.

Join us to make a difference!

As a Security Researcher/Analyst, you will:

- Research cyberattacks affecting and targeting major business infrastructures;

- Participate in threat hunting and threat intelligence research projects;

- Analyze and mitigate the latest web vulnerabilities (both 0-day and patched), participate in communication with the responsible authority;

- Develop and improve internal tools for automatic threat analysis;

- Investigate incidents for the benefit of our customers.

Requirements

To be successful, you should have:

Wide experience with web attacks (web application and browser security) and their mitigation methods;

Good understanding of web server software and hosting systems architectures (Linux/UNIX-based);

Good understanding of the PHP language, proven experience in code analysis/scripting;

Familiarity with web-based malware;

AI/ML skills or strong willingness to learn and apply AI in security automation;

Knowledge of English no lower than upper-intermediate.

It is a plus if you also have:

Experience in developing security tools, automation, and frameworks;

Python Development Experience

Experience of participation in CTF, bug bounty programs;

Experience in finding vulnerabilities, CVE IDs assignment;

Familiarity with ModSecurity and OSSEC.

Benefits

What's in it for you?

A focus on professional development.

Interesting and challenging projects.

Fully remote work with flexible working hours, which allows you to schedule your day and work from any location worldwide.

Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves.

Compensation for private medical insurance.

Co-working and gym/sports reimbursement.

Budget for education.

The opportunity to receive a reward for the most innovative idea that the company can patent.