Principal Security Researcher, TLM
United States
Applications have closed
HUMAN
HUMAN Security is a cybersecurity company that safeguards enterprises and internet platforms from sophisticated bot attacks, fraud, and account abuse.Our hacker roots still permeate everything we do. You will be a part of the HUMAN front line in our commitment to helping protect companies (and in turn, their customers) from both revenue and reputation risk caused by malicious bots. However, HUMAN is not the center of this story. Humans like yourself are. We firmly believe in putting people first. This approach spans our extensive benefits and day-to-day culture in order for every human to do the best work of their life. We want to hear about the marathon you’re training for. We want to see pictures of your pets. We want to know your favorite robot (we have many).
The HUMAN R&D team is pivotal to our mission to protect the heart of the internet by disrupting the economics of cybercrime. They are the ones uncovering and fighting bot operations like PARETO, ICEBUCKET, 3ve, and Methbot. HUMAN supports our R&D humans by strongly valuing deep work and flexibility. Company-wide meeting-free Fridays give you uninterrupted time to work on your projects. Additionally, this team is encouraged to participate in R&D Research Friday - a designated half-day each week dedicated to trying new ideas and personal career development. HUMAN is fully committed to flexible working arrangements, or as we call it, work from anywhere, anytime. All of this is to ensure our humans are able to do the best work of their lives.
We want to work with people like you who break down problems to build up better solutions. That’s what makes us HUMAN. Our reverse engineering team is responsible for diving deep into the rabbit holes of botnets and fraud. We keep a keen eye on the latest threats while also trying to predict the next move in ad fraud. Massive-scale cyber crime relies on infected hosts. By dissecting and analysing the malware involved in this we’re able to pivot and dismantle whole operations. Fast and agile, we try to automate as much as we can of the boring tasks so we can focus on boldly going where no analyst has gone before.
You will need a keen edge in order to discern between a developer that just doesn’t know how to implement an application and another one that’s keen on committing fraud. Our work can bring down a whole company, so with great power comes great responsibility. You’ll need to be familiar with various programming languages and app development best practices as well as having bash as your second language.
What you will do:
- Open Source/Closed Source investigations of frauds/threats with a high understanding of Operational security
- Answer the technical questions, such as: Why is this app doing so much traffic out of nowhere in the middle of the night? Why is it pretending to be a desktop browser? This automated login, was it with or without user consent? Are users being exploited and their data exfiltrated?
- Continuously monitoring and investigating the open internet, darknet, and private forums for bot related activities
- Network & Data analytics to understand bot-related activities
- Come up with new ways of sifting through global-scale telemetry
- Come up with new tools that automate signal and lead generation for identifying new strains of bots
- Look through our proprietary internal information leading to new bot-insights
- Explain what a certain IoC means to less savvy people in order for them to better conceptualize a threat. Create the “ground truth” insights that data science teams need to connect the dots between IoCs seen in sandboxes, and traffic telemetry seen in the wild
- Scour the ad tech ecosystem and the realms of e-commerce, financial services, and online media for new ways in which fraudsters might abuse them
Who you are:
- You are an expert in OSINT research and threat hunting.
- You have an expertise in analyzing, tracking and explaining threat incidents and indicators.
- You are skilled in writing technical reports and blogs.
- You’re enthusiastic about analyzing desktop, ctv & mobile (iOS/Android) frauds/threats.You’re no stranger to static/dynamic analysis .
- You are a hacker and find a safe way to accomplish tasks and defeat hurdles.
- You are a proficient scripter/automator in JS, python, sh etc. (one or more).
- You understand the internet (mobile & web) ecosystem.
- You are a cybersecurity professional with understanding in operation and prevention of various prevailing & potential frauds.
- You enjoy working with more junior team members and enabling them for success
- You are self motivated, own responsibilities, and enjoy working with a team of diverse skill & culture.
- You have published technical blogs/papers or presented in research forums.
HUMAN prides itself on being an equal opportunity workplace. We firmly believe in putting people first regardless of who you are, where you come from, how you identify, or who your favorite robot is (we have many). We are on a mission to protect the integrity of the internet for everyone, so we welcome all individuals to come to share their unique experiences and perspectives as we fight against cybercrime together!With Humans located in all parts of the world, we’ve fully embraced our diversity of thought and are always looking for innovative ways to connect with one another - even in virtual reality! Although New York City is our HQ, with teams in London, Virginia, and Victoria, we trust our Humans in choosing where they work and how they work. The benefits package we provide reflects our remote-first culture and our commitment to our Humans’ personal career development, which includes annual stipends for home office setup, wellbeing, and learning & development. We also offer weekly lunches, flexible time off, no-meeting Fridays, HUMAN days, sabbatical programs, and so much more.We’re constantly trying to anticipate the needs of our Humans to ensure each one of us is equally prepared to do some of the best work of our life. Taking care of one another is part of the HUMAN experience and how we build true HUMAN connections.
If you are an individual with a disability or special need that requires accommodation, please contact us directly.
Tags: Agile Analytics Android Bash Cyber crime E-commerce iOS Malware Monitoring Open Source OSINT Python R&D Reverse engineering
Perks/benefits: Career development Flex hours Flex vacation Home office stipend Lunch / meals
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs