Threat Detection and Script Engineer

Overview

Required skills

JavaScript / strong Kibana / good Selenium / Puppeteer / good English / strong

As a Threat Research and Script Engineer, you’ll monitor and analyze digital threats, reverse-engineer malicious code, and enhance detection capabilities. Working closely with engineering and research teams, you’ll investigate suspicious activity, respond to emerging threats, and document findings in technical reports. This role requires strong JavaScript skills, knowledge of browser APIs and HTTP protocols, and sharp analytical thinking to stay ahead in the cybersecurity landscape.

Customer

Our customer is a leading provider of advanced security solutions focused on protecting individuals, organizations, and digital ecosystems from a broad spectrum of threats. Specializing in the AdTech space, the company delivers cutting-edge bot defense and anti-malvertising technologies designed to safeguard advertising platforms from fraudulent and malicious activity.

Project

In the realm of digital security, the client’s platform delivers advanced bot defense and anti-malvertising solutions tailored for the AdTech ecosystem. By leveraging in-depth threat research and customizable detection technologies, it empowers partners including SSPs, DSPs, agencies, and publishers to proactively safeguard their systems and maintain secure, trustworthy ad environments.

Requirements

Requirements

• At least 4 years of experience as a Software Engineer
• 1+ years of experience in Сore Vanilla JavaScript
• Strong refactoring and reverse engineering skills, meaning understanding the execution flows, side effects, implications and intentions of the code being inspected (needed for malicious code reverse engineering purposes)
• Knowledge of different browser APIs
• Knowledge of CS fundamentals, algorithms, and data structures
• Understanding of browsers, browser security policies
• Understanding of HTTP protocol
• Upper-Intermediate level of English

Would be a plus

• Experience with obfuscation and deobfuscation
• 1+ years with any web driver-based technology (Selenium, Puppeteer, etc.)
• Strong debugging skills including debugging 3rd party mobile applications and analyzing their traffic using MITM-proxy (Charles/Fiddler/mitmproxy/Burp Suite) and other tools (Postman etc.)
• Good understanding of code transformation tools and/or bundlers
• Bulletproof coding skills in terms of “can”/”cannot”, not “should”/”should not”

Personal Profile

• Ability to work effectively without constant supervision and manage tasks autonomously
• Willingness to take initiative, seek out missing information, and follow up without being prompted
• Strong sense of responsibility, with a commitment to owning and completing tasks thoroughly
• Ability to communicate in a structured and professional manner, especially with external stakeholders

Responsibilities

Responsibilities

• Monitor existing threats by analyzing logs, detection mechanisms, and dashboards (e.g., Kibana)
• Investigate suspicious activity detected in logs and ensure appropriate mitigation steps are taken to prevent missed threats
• Research and respond to reported threats, including escalations and complaints from customers
• Analyze intelligence received from competitors and other industry sources to stay ahead of emerging threats
• Proactively research and identify new types of threats through open-source intelligence and internet investigation
• Act as a bridge between the script engineering team and the threat research team, understanding script capabilities and identifying ways to improve threat detection and mitigation
• Support and maintain the detection scripts by investigating and fixing issues that arise on Customer websites
• Conduct in-depth investigations to explain unusual or suspicious patterns, ensuring a thorough understanding of threat scenarios
• Write forensic reports and technical documentation (AKA “smoking guns”) describing potential attacks and how they were prevented