Job Description

We are looking for security analysts to join our forensics team. You will assist our customers to investigate how their site was hacked and to repair their site and remove all traces of the intrusion. In addition to this you will also collect evidence from intrusions that will help improve our threat detection. You will need to determine how the intrusion occurred and then collect all IOC’s (indicators of compromise) and share this data with our product team in a structured way.

General requirements:

• You must be highly technical and be comfortable with a wide range of open source tools.


• Excellent written and verbal communication skills.


• You must work well in a team.


• You must be nimble, be able to come up with creative solutions to challenging problems and must have a mature approach to problem solving.


• Attention to detail.

Requirements

The specific skills we require for this position are:

• A solid understanding of regular expressions. You need to be able to write expressions on the fly to match and remove only malicious code (which is often polymorphic) without affecting any legitimate code.


• At least 5 years of experience administering LAMP systems.


• Ability to program in PHP and JavaScript. Other languages like Python a strong plus.


• Understanding of SQL and ability to use the MySQL client.


• Experience investigating hacked websites, determining how the intrusion occurred and removing the intrusion and restoring the site to a fully functional state.


• An understanding of all major vulnerability types and the ability to explain them to a customer.


• Ability to analyze web log files and determine how an intrusion occurred.


• Must be able to use Linux shell tools like grep, find and any other utility that can assist with investigation and remediation.


• Experience with WordPress required.


• You must be well versed in information security and any certifications you already have in penetration testing or forensics are a strong plus.

All positions require a trial period of approximately j2-3 weeks with a minimum commitment of 10 hours per week. You will be paid for this short-term contract, and it will be used to evaluate whether both parties want to pursue an ongoing working relationship.

All offers are contingent on successful completion of a background check. The results of the background check are considered as they relate to the position and do not automatically disqualify someone from a offer of work with the company.