Web Security Research Analyst I (319)
Job Details
Scottsdale - Scottsdale, AZ

SiteLock Needs A Web Security Research Analyst I

SiteLock is a global leader in the fast-growing cybersecurity solutions market and is the only provider in the industry to offer complete, cloud-based website security protection.  Our mission is to protect every website on the internet – and to protect those organizations and individuals who want to use the internet for business, communication or collaboration. Over the years, SiteLock has consistently earned numerous industry honors and top rankings for our products and organization and appeared on the Inc 5000 list for the third consecutive year with distinction as the top revenue-generating cybersecurity company in Arizona.  

Our strong brand recognition and proven thought leadership is evidenced by recent features in CBS News, Newsweek, Entrepreneur and many other top media and publications. Founded in 2008, we are recognized as the cybersecurity partner of choice by over 16 million websites worldwide. 


Position Overview 

The Web Security Research Analyst uses their experience reading and writing code to quickly identify malicious and partially malicious code in web applications (mostly PHP and Javascript) additionally writing Regular Expressions to run against code, generating Signatures to improve our Automated Malware Identification and Removal Database. 

The analyst will review large amounts of code daily, marking code snippets as Malicious or safe with a high level of accuracy.  Familiarity with code de-obfuscation and web application security is required. 


Position Responsibilities 

The Web Security Research Analyst will take a proactive approach to identifying security risks in files, databases and web content. Responsibilities for this position will include:  

  • Identify malicious code in PHP and Javascript files. 

  • Write regular expressions to clean/remove malicious code 

  • Decode and determine intent of suspicious code  

  • Create and deploy code snippets to catch suspicious code blocks 

  • Work directly with lower tier technical support to identify real time trends  

  • Deploy signatures in a timely, coordinated manner  

  • Clean site infections of malicious SEO spam  

  • Review signatures from other analysts for accuracy for final submission  

  • Work and respond to escalated CRM tickets submitted to the Research team  

  • Update and maintain the binary signature (BINSIG) queue signatures  

  • Submit new malicious sites and code to the signature queue   

  • Maintain documentation on Research Team processes and tools 

  • Work and respond to CRM tickets submitted to the Research team 

  • Perform penetration tests on common CMS plugins and themes  

  • Work with CMS, plugin, and theme developers to patch vulnerabilities 

  • Take the lead on incident triage when a Lead or Manager is not available 

  • Stay abreast of the latest web, WordPress, and general security-related developments  


Position Requirements 

  • Proficient in PHP, JavaScript, Python, and Perl  

  • Familiar with ASP, .NET, C, or other programming languages 

  • Demonstrated understanding of programming and server-side scripting  

  • Minimum of two (2) years of experience with the Linux command line  

  • Ability to write complex Perl regular expressions without a reference guide  

  • One (1) to two (2) years of experience and/or training pertaining to Internet security, or equivalent combination of education and experience  

  • Experience with Vagrant, Docker, or software QA methodologies  

  • Experience with penetration testing on web applications 

  • Ability to work without supervision, and to make appropriate decisions  

  • Ability to process work with accuracy and attention to detail  

  • Ability to maintain confidential information  

  • Ability to work well in a team environment, with both local and remote coworkers  

  • Excellent written and verbal communication  


Desired Experience

  • CySA+, OSCP, GWAPT or other relevant certification 

  • Experience working in an Agile environment


Anything else? Absolutely.  

SiteLock was recently awarded the Best of Cool award for our great culture by BestCompaniesAZ and are one of the Best Places to Work as awarded by Arizona Business Journal.  Essentially, we offer a relaxed, friendly, fun and upbeat environment since we work here too!  SiteLock is also the Fastest Growing Software Company in Arizona two years in a row per Deloitte’s Fast 500, and we aren’t slowing down anytime soon!

So What About The Perks?  Perks Matter.
•    Medical, Dental and Vision.  SiteLock pays a nice chunk of your premiums to keep the cost as low as possible for our employees.
•    15 days of PTO and 7 paid Holidays.  Because who doesn’t love time off?
•    Benefits like 401(k), company paid life insurance, short and long-term disability.  
•    Casual Dress.  Come dressed in jeans (you’ll fit right in with the rest of us).
•    Free Food.  Yeah, you heard that right!  To make Mondays feel less like Monday, breakfast is provided and to make Fridays even better, lunch is catered in.
•    Game Room.  Gimme a break – no, not a Kit Kat ad but we do have a ping-pong table, shuffle board and PlayStation if you ever need a break in your day.
•    Wellness Program.  We want our employees to be the best versions of themselves.  That’s why we offer a Wellness Program that includes an in-house Fitness coach, back massages, allergy testing, biometric screenings and much more!
•    Growth opportunities.  When we grow… our people grow!  Our plan is to double in size by 2021.  In order to do that, we need to develop our team members and foster their knowledge in cyber security and business. 

Sitelock is an equal opportunity employer. All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical​​​ condition, pregnancy, genetic information, gender, sexual orientation, gender identity or ​expression, veteran status, or any other status protected under federal, state, or local law.

We Are SiteLock
SiteLock Team Members
People, Products, Progress