SiteLock Needs A Web Security Research Analyst I
Additionally, writing Regular Expressions to run against code which generate Signatures to improve our Automated Malware Identification and Removal Database.
The analyst will review large amounts of code daily, marking code snippets as Malicious or safe with a high level of accuracy. Familiarity with code de-obfuscation and web application security is required.
The Web Security Research Analyst will take a proactive approach to identifying security risks in files, databases and web content. Responsibilities for this position will include:
- Write regular expressions to clean/remove malicious code
- Decode and determine intent of suspicious code
- Create and deploy code snippets to catch suspicious code blocks
- Work directly with lower tier technical support to identify real time trends
- Deploy signatures in a timely, coordinated manner
- Clean site infections of malicious SEO spam
- Review signatures from other analysts for accuracy for final submission
- Work and respond to escalated CRM tickets submitted to the Research team
- Update and maintain the binary signature (BINSIG) queue signatures
- Submit new malicious sites and code to the signature queue
- Maintain documentation on Research Team processes and tools
- Work and respond to CRM tickets submitted to the Research team
- Perform penetration tests on common CMS plugins and themes
- Work with CMS, plugin, and theme developers to patch vulnerabilities
- Take the lead on incident triage when a Lead or Manager is not available
- Stay abreast of the latest web, WordPress, and general security-related developments
- Ability to write complex Perl regular expressions without a reference guide
- Familiar with ASP, .NET, C, or other programming languages
- Demonstrated understanding of programming and server-side scripting
- Minimum of two (2) years of experience with the Linux command line
- One (1) to two (2) years of experience and/or training pertaining to Internet security, or equivalent combination of education and experience
- Experience with penetration testing on web applications
- Ability to work without supervision, and to make appropriate decisions
- Ability to process work with accuracy and attention to detail
- Ability to maintain confidential information
- Ability to work well in a team environment, with both local and remote coworkers
- Excellent written and verbal communication
- Python and Perl
- Vagrant, Docker, or software QA methodologies
- CySA+, OSCP, GWAPT or other relevant certification
- Working in an Agile environment
Anything else? Absolutely.
SiteLock was recently awarded the Best of Cool award for our great culture by BestCompaniesAZ and are one of the Best Places to Work as awarded by Arizona Business Journal. Essentially, we offer a relaxed, friendly, fun and upbeat environment since we work here too! SiteLock is also the Fastest Growing Software Company in Arizona two years in a row per Deloitte’s Fast 500, and we aren’t slowing down anytime soon!
So What About The Perks? Perks Matter.
• Medical, Dental and Vision. SiteLock pays a nice chunk of your premiums to keep the cost as low as possible for our employees.
• 15 days of PTO and 7 paid Holidays. Because who doesn’t love time off?
• Benefits like 401(k), company paid life insurance, short and long-term disability.
• Casual Dress. Come dressed in jeans (you’ll fit right in with the rest of us).
• Free Food. Yeah, you heard that right! To make Mondays feel less like Monday, breakfast is provided and to make Fridays even better, lunch is catered in.
• Game Room. Gimme a break – no, not a Kit Kat ad but we do have a ping-pong table, shuffle board and PlayStation if you ever need a break in your day.
• Wellness Program. We want our employees to be the best versions of themselves. That’s why we offer a Wellness Program that includes an in-house Fitness coach, back massages, allergy testing, biometric screenings and much more!
• Growth opportunities. When we grow… our people grow! Our plan is to double in size by 2021. In order to do that, we need to develop our team members and foster their knowledge in cyber security and business.
Sitelock is an equal opportunity employer. All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law.