c/side is hiring a Senior Security Analyst

About cside: cside is intensely committed to addressing web security challenges in the AI era. Our initial focus is on client-side injections, innovatively addressing previously overlooked attack surfaces with developer and user-friendly approaches. Our team comprises a diverse group of highly skilled subject matter experts. We maintain a balance of kindness and professional rigor. Since January 2024, cside has successfully secured $7.7 million in pre-seed and seed funding from prestigious investors like Uncork Ventures, Mantis Ventures, Scribble Ventures, Roar VC, and influential industry leaders. These carefully selected investors are dedicated to supporting our company's growth. We've garnered recognition from prominent global media platforms including Techcrunch, Wired, Fortune, Forbes, and others. About the role: We are seeking a senior security analyst to monitor emerging digital threats. Your responsibilities will involve investigating attack methodologies, enhancing detection systems, and collaborating closely with our internal engineering team. You'll be the primary representative of our security detections team, uncovering novel attacks and sharing insights globally. What you will do: Continuously monitor worldwide attack landscapes. With extensive traffic data and comprehensive website monitoring, we aim to identify emerging attack techniques. Your mission is to discover these methods, develop detection strategies, leverage existing attributes for attack identification, and implement robust solutions. Review incoming detection signals, analyzing broader, non-public indicators that warrant focused investigation. Lead our Security Research and content initiatives. When discovering malicious scripts affecting over 1000 websites, we immediately publish detailed analyses to protect digital infrastructure and prevent malicious actors from compromising critical systems. Develop innovative detection methodologies and rules for emerging attacks. A profound understanding of JavaScript is beneficial, as client-side attacks frequently involve JS. Our detection systems predominantly utilize Rust. Proactively define detection protocols for potentially malicious client-side behaviors, cross-referencing against our script database. Utilize and construct internal tools for identifying unprecedented attack vectors. About you: You're energized by complex cybersecurity challenges! The opportunity to prevent bad actors from harming unsuspecting individuals deeply motivates you. You possess comprehensive knowledge of JavaScript, browser architectures, and preferably background in Rust and Yara rules. Exploring the nuanced differences between client-side JavaScript specifications and browser engine implementations is a personal passion. You've participated in capture the flag competitions or regularly engage in ethical hacking and bug bounty programs. You're self-motivated and aspire to revolutionize client-side and web security markets. You have 3-5 years of professional experience. At cside: We prioritize continuous learning and collective growth. We maintain unwavering commitment to quality, refusing to compromise our standards. We respect our team, customers, and community by delivering exceptional products. We embrace strong, adaptable perspectives. Our passion drives us to collaboratively create groundbreaking solutions, focusing exclusively on meaningful impact. cside offers: 2-3 annual team offsites Generous work-from-home allowance Latest Macbook Competitive stock options Market-rate compensation Flexible, unlimited PTO Fully remote work environment Dedicated long-term career development support We're constructing a world-class security organization and seek exceptional talent. We categorically reject discrimination. Our hiring process celebrates diversity, welcoming candidates regardless of educational background, age, ethnicity, religion, nationality, sexual orientation, gender identity, disability status, marital status, or veteran credentials.