Sr Security Researcher

At least 2 year of experience in analyzing real web attacks or web exploitation, with a strong preference for more extensive experience.
Deep knowledge of networking fundamentals, the HTTP protocol, web servers, and the inner workings of web applications is essential.
Experience in tracking emerging web vulnerabilities in real-time.
Experience in building research infrastructure and Python-based tools.
Experience with creating and comprehending Regular Expressions for detailed pattern matching and security-related data analysis.
In-depth knowledge of security principles, theories, and recognized attack vectors.

Researching web frameworks and servers to identify and understand emerging threats.
Examining and replicating newly disclosed web application vulnerabilities.
Focusing on WAF (Web Application Firewall) evasion techniques to preemptively bypass our defenses before hackers can.
Creating innovative proof of concept solutions for advanced threats and continuously refining attack signatures, all in collaboration with development teams to enhance the WAF product using our research findings.
Gathering web security intelligence from blogs, forums, conferences, and academic papers.
Building tools and infrastructure for analyzing attacks.
Composing and distributing insights through blogs, reports, and presenting at security conventions.
Periodically performing security efficacy assessments on a variety of products, including WAFs, API security solutions, application security scanners, and machine learning models, to verify and improve their defense capabilities.