Key skills
ApacheJavaScriptLinuxNGINXPHPPythonWordPressPenetration TestingWAF
About this role
Role Overview
- Analyze and classify web malware: PHP shells, JavaScript injectors, WordPress backdoors, SEO spam, redirectors, cryptominers, and other threats targeting the hosting ecosystem
- Reverse-engineer obfuscated PHP and JavaScript to understand attacker techniques and extract detection patterns
- Write and refine PCRE-based detection signatures for our scanning engine precision matters, false positives erode customer trust
- Maintain processing SLAs as part of a globally distributed team providing round-the-clock malware coverage
- Research emerging threats new CMS exploitation techniques, supply-chain attacks on plugins/themes, zero-day delivery methods
Requirements
- Strong PCRE regex expertise, you understand anchors, non-capturing groups, performance implications, and can write complex patterns that are both accurate and efficient
- 3+ years working with PHP and/or JavaScript, reading, understanding, and analyzing code (differentiate legitimate and malicious artifacts, no software engineering skills required)
- Web malware reverse engineering, JS deobfuscation, PHP deobfuscation, unpacking encoded payloads
- Understanding of web attack injection, XSS, RCE, file upload exploits, and how they manifest in hosting environments
- Familiarity with web server and shared hosting architecture, Apache/Nginx/LiteSpeed, Reverse Proxy, PHP handlers, WAF, Namespaces, cgroups, Linux File system permissions
- English proficiency at upper-intermediate level or above
- Experience with WordPress internals (themes, plugins, hooks)
- Hands-on website cleanup or incident response experience
- Penetration testing or red team background
- Python scripting for automation and tooling
- Experience with YARA rules or other signature formats
- Familiarity with cPanel, Plesk, or DirectAdmin environments
We've intentionally broadened this list. If you bring strong analytical skills and a genuine curiosity about how malware works, but your background is in security research or adjacent fields rather than pure malware analysis, we want to hear from you. Our onboarding process and modern tooling will bridge the gaps.
Tech Stack
- Apache
- JavaScript
- Linux
- NGINX
- PHP
- Python
- WordPress
Benefits
- 5-day week (5 on / 2 off) on a fixed schedule aligned with your time zone
- Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves to ensure you maintain a healthy work-life balance
- Compensation for private medical insurance
- Co-working and gym/sports reimbursement
- The opportunity to receive a reward for the most innovative idea that the company can patent, fostering a culture of creativity and innovation