Senior Threat Researcher - Sucuri
Full-TimeAll OtherU.S or any country where GoDaddy has operations
The Web Threat landscape is constantly evolving and in order to keep pace with new malware and vulnerabilities, GoDaddy’s Sucuri team seeks a Senior Threat Researcher who will hunt for malicious code and find new vulnerabilities to predict new trends. You will be working with our research team, collaborating with our active research, and writing for our labs.sucuri.net, blog.sucuri.net and godaddy.com/garage.
You can be based remote, working in any location in the U.S or any country where GoDaddy has operations (Australia, Brazil, Bulgaria, Canada, China, Germany, India, Israel, Mexico, Netherlands, Romania, Serbia, Singapore, Spain, United Kingdom, USA)!
You'll also review and reverse patches to understand the vulnerabilities fixed on a software release as well as find vulnerable code on existent software. All the findings will be used to protect our clients by writing virtual patching rules to our WAF.
This is a great opportunity for you to continue to develop your understanding of tactics and tricks used by malware, and to find reliable ways to automate discovery of infected sites.
- Research new malware online
- Detecting trends and waves of infections
- Writing articles on findings
- Code reading to determine if a particular file is malicious or not
- Writing regular expressions to detect and remove malicious code
- Website cleanup and troubleshooting
- Understanding of security principles and use good security practices in general
- Linux experience – CLI and cPanel
- Experience with Apache, Nginx and other web servers
- Experience with WordPress, Joomla, Magento, vBulletin and other CMS software
- Web Malware Experience (decoding, understanding)
- PHP, Python and Shell scripting/automation
- Open source and community participation and contributions a plus
Tools We Work With