Malware Intelligence Analyst
Experience Level: Mid Level
Full Job Description
This position is posted by Jobgether on behalf of a partner company. We are seeking a skilled Malware Intelligence Analyst to join a dynamic, globally distributed cybersecurity team in India. This role is crucial in protecting a vast network of web servers from sophisticated online threats. As a Malware Intelligence Analyst, you will be responsible for reverse-engineering real-world web malware, identifying attacker methodologies, and developing high-precision detection signatures. Your contributions will directly enhance the security of websites, from small deployments to large-scale infrastructure. Operating within a 24/7 malware processing environment, you will collaborate across time zones to ensure swift threat response and continuous operational coverage. This is a fully remote position with a fixed schedule tailored to your time zone, offering a balance between impactful work and personal life. If you possess a passion for code analysis and web security, this role presents an exciting challenge and a meaningful purpose.
Key Responsibilities:
- Analyze, classify, and prioritize web-based malware, including obfuscated PHP backdoors, JavaScript injections, SEO spam, redirectors, and cryptominers targeting hosting environments.
- Reverse-engineer malicious PHP and JavaScript code to uncover attacker techniques and extract reliable detection patterns.
- Develop, test, and refine high-precision PCRE-based detection signatures for production scanning engines, ensuring minimal false positives and maximum coverage.
- Adhere to strict service-level agreements (SLAs) as part of a globally distributed team ensuring 24/7 malware coverage.
- Research emerging attack vectors such as CMS exploitation techniques, plugin/theme supply-chain compromises, and zero-day delivery methods.
- Contribute to the enhancement of internal processes, tooling, and automation to improve detection efficiency and scalability.
Required Qualifications:
- Strong expertise in PCRE regex, including advanced constructs, performance optimization, and accurate pattern design.
- A minimum of 3 years of experience working with PHP and/or JavaScript, with demonstrated ability to analyze and differentiate malicious code.
- Hands-on experience with web malware reverse engineering, deobfuscation techniques, and payload unpacking.
- A solid understanding of common web attack vectors (e.g., injection attacks, XSS, RCE, file upload exploits) and their behavior in hosting environments.
- Familiarity with web server architectures and shared hosting ecosystems (Apache, Nginx, LiteSpeed, reverse proxies, PHP handlers, WAFs, Linux file systems, namespaces, cgroups).
- Upper-intermediate or higher English proficiency.
Desirable Skills:
- Experience with WordPress internals, website incident response, penetration testing, Python scripting, YARA rules, or hosting control panels (cPanel, Plesk, DirectAdmin).
- Strong analytical thinking, a keen interest in attacker methodologies, and the ability to work independently in a remote setting.
Benefits:
- Fully remote position with a fixed 5-day workweek (5 on / 2 off) aligned with your time zone.
- 24 paid vacation days annually, plus 10 national holidays and unlimited sick leave.
- Additional compensation or extra vacation days for weekend and public holiday work.
- Private medical insurance compensation.
- Reimbursement for co-working spaces and gym/sports activities.
- Performance-based recognition and rewards for innovative ideas.
- Structured onboarding and modern tooling to support continuous professional growth.
Apply through Jobgether for an AI-powered matching process that ensures your application is reviewed quickly and objectively.
Company
Jobgether
Jobgether is an innovative AI-powered career platform dedicated to revolutionizing the job search experience for remote professionals. By offering personalized strategies, enhanced visibility, and cur...