CloudLinux is hiring a Malware Intelligence Analyst for our Imunify360 Security Suite. You will analyze web malware to protect hosting servers worldwide, reverse-engineering threats and writing detection signatures for our round-the-clock processing pipeline.
What You'll Do
- Analyze and classify web malware including PHP shells, JavaScript injectors, WordPress backdoors, SEO spam, redirectors, and cryptominers.
- Reverse-engineer obfuscated PHP and JavaScript to understand attacker techniques and extract detection patterns.
- Write and refine PCRE-based detection signatures for our scanning engine.
- Maintain processing SLAs as part of a globally distributed team providing 24/7 malware coverage.
- Research emerging threats like new CMS exploitation techniques, supply-chain attacks on plugins/themes, and zero-day delivery methods.
What We're Looking For
- Strong PCRE regex expertise, including understanding anchors, non-capturing groups, performance implications, and writing complex patterns.
- 3+ years working with PHP and/or JavaScript, reading, understanding, and analyzing code.
- Experience with web malware reverse engineering, JS deobfuscation, PHP deobfuscation, and unpacking encoded payloads.
- Understanding of web attack injection, XSS, RCE, file upload exploits, and their manifestation in hosting environments.
- Familiarity with web server and shared hosting architecture: Apache/Nginx/LiteSpeed, Reverse Proxy, PHP handlers, WAF, Namespaces, cgroups, and Linux File system permissions.
- English proficiency at upper-intermediate level or above.
Nice to Have
- Experience with WordPress internals (themes, plugins, hooks).
- Hands-on website cleanup or incident response experience.
- Penetration testing or red team background.
- Python scripting for automation and tooling.
- Experience with YARA rules or other signature formats.
- Familiarity with cPanel, Plesk, or DirectAdmin environments.
Technical Stack
- PHP, JavaScript, PCRE, Python, YARA
- Apache/Nginx/LiteSpeed, WAF
Team & Environment
You will join our globally distributed Malware Processing Team, providing 24/7 coverage as part of a collaborative group focused on server security.
Benefits & Compensation
- Paid 24 days of vacation per year.
- 10 days of national holidays.
- Unlimited sick leaves.
- Compensation for private medical insurance.
- Co-working and gym/sports reimbursement.
- Opportunity to receive a reward for the most innovative idea that the company can patent.
Work Mode
This is a worldwide remote position, allowing you to work from anywhere.
CloudLinux is an equal opportunity employer.
