TLM/Principal Security Researcher
At HUMAN we are all about keeping it human. We are the global leader in bot mitigation. We protect more than 200 enterprises—including the largest internet platforms—from sophisticated bots by verifying the humanity of nearly one trillion online interactions every week. The most sophisticated bots look and act like humans when they click on ads, visit websites, fill out forms, take over accounts, and commit payment fraud. We stop them.
Founded in 2012 in a Brooklyn sci-fi bookstore, our Bot Mitigation Platform protects enterprises from the sophisticated bots that threaten them. It’s an ongoing war that we fight passionately every day. Join our mission to stop bots, disrupt the economics of cybercrime, and keep it human.
Our reverse engineering team is responsible for diving deep into the rabbit holes of botnets and fraud. We keep a keen eye on the latest threats while also trying to predict the next move in ad fraud. Massive-scale cyber crime relies on infected hosts. By dissecting and analyzing the malware involved in this we’re able to adjust and dismantle whole operations. Fast and agile, we try to automate as much as we can of the boring tasks, so we can focus on aggressively going where no analyst has gone before.
You will need a keen edge in order to discern between a developer that just doesn’t know how to implement an application and another one that’s keen on committing fraud. Our work can bring down a whole company, so with great power comes great responsibility. You’ll need to be familiar with various programming languages and app development best practices as well as having bash as your second language.
What you will do:
- Lead, hire and grow a team of security researchers passionate about the cyber-criminals who defraud and exploit the public internet, ad tech, and enterprise customers.
- Answer the technical questions, such as: Why is this app doing so much traffic out of nowhere in the middle of the night? Why is it pretending to be a desktop browser? This automated login, was it with or without user consent? Are users being exploited and their data ex-filtrated?
- Come up with new ways of sifting through global-scale telemetry.
- Come up with new tools that automate signal and lead generation for identifying new strains of bots
- Explain what a certain IoC means to less Android/iOS savvy people in order for them to better conceptualize a threat. Build the “ground truth” insights that data science teams need to connect the dots between IoCs seen in sandboxes, and traffic telemetry seen in the wild.
- Reverse engineer Android/iOS apps and come up with a human readable report that can be used as a justification for enforcing our block/allow decisions.
- Use your skills in manual reverse engineering to build global-scale automation. Evolve a static and multifaceted analysis pipelines for Android/iOS.
- Mentor a new generation of reverse engineers
- Scour the AdTech ecosystem and the realms of e-commerce, financial services, and online media for new ways in which fraudsters might abuse them
Who you are:
- You’re a deeply enthusiastic hacker on both iOS and Android.
- You’re no stranger to static/dynamic analysis tools.
- You’re proficient with at least one scripting language.
- You understand the mobile/web ecosystem.
- You have a fair understanding of how cybersecurity might tie in with all kinds of fraud and how that can be prevented.
- You enjoy working with more junior team members and enabling them for success
Benefits & Perks
- Unlimited PTO
- Private medical and dental insurance for all full-time employees
- Fully paid parental leave
- Learning & Development fund
- Phenomenal coaching from senior leaders and challenging development opportunities
- Monthly internet, phone bill, and meal stipend to support working remotely during COVID-19
- Company-sponsored TalkSpace membership for you and your family
Life at HUMAN:
Our HQ office is located in the heart of New York City. We are growing the company deliberately with a keen eye towards maintaining values that embody diversity, lifestyle, and career growth. We are doing substantial work, and we need people to join our mighty team. We are proud of our overwhelmingly positive presence on Glassdoor and Built in NYC. We have offices located in NYC, DC, Victoria, and London.
We understand it takes a diverse team of passionate, curious, and creative people to solve the challenges involved in protecting the Internet. Our dynamic team of humans have incredible perspectives to share, just as we know you do, and we take great pride in being an equal opportunity workplace.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.