RemoteLeaf Logo
Log in Sign up

Malware Intelligence Analyst (remote, LatAm)

3 hours, 39 minutes ago
Mexico, Argentina, Brazil, Colombia
Full-time
Mid Level
Security Analyst
Cybersecurity
Apache JavaScript Linux Nginx Penetration Testing PHP Python Reverse Proxy WAF WordPress
Apply Now
CloudLinux

CloudLinux

CloudLinux is a leading provider of the CloudLinux OS, a platform for Linux web hosting that offers next-level performance and security. With a focus on optimizing web hosting environments, CloudLinux helps service providers improve density, stability,...

IT Services
51-250
Founded 2009
View All Jobs 5

Description

  • Analyze and classify web malware including PHP shells, JavaScript injectors, WordPress backdoors, SEO spam, redirectors, and cryptominers.
  • Reverse-engineer obfuscated PHP and JavaScript to understand attacker techniques and extract detection patterns.
  • Write and refine PCRE-based detection signatures for the scanning engine.
  • Maintain processing SLAs as part of a globally distributed team providing round-the-clock malware coverage.
  • Research emerging threats such as new CMS exploitation techniques, supply-chain attacks on plugins and themes, and zero-day delivery methods.
  • Translate malware analysis findings into production-ready detections that reduce false positives.
  • Support a 24/7 malware processing pipeline across time zones.
  • Collaborate within the malware processing team to sustain continuous coverage and response.

Requirements

  • Strong PCRE regex expertise, including anchors, non-capturing groups, performance implications, and complex pattern writing.
  • 3+ years of experience working with PHP and/or JavaScript, including reading, understanding, and analyzing code.
  • Experience with web malware reverse engineering, JavaScript deobfuscation, PHP deobfuscation, and unpacking encoded payloads.
  • Understanding of web attack injection, XSS, RCE, file upload exploits, and how they appear in hosting environments.
  • Familiarity with web server and shared hosting architecture, including Apache, Nginx, LiteSpeed, Reverse Proxy, PHP handlers, WAF, namespaces, cgroups, and Linux file permissions.
  • Upper-intermediate English proficiency or above.
  • Experience with WordPress internals, including themes, plugins, and hooks, is preferred.
  • Hands-on website cleanup or incident response experience is preferred.
  • Penetration testing or red team background is preferred.
  • Python scripting for automation and tooling is preferred.
  • Experience with YARA rules or other signature formats is preferred.
  • Familiarity with cPanel, Plesk, or DirectAdmin environments is preferred.

Benefits

  • Fully remote work with a fixed schedule aligned to your time zone and preferences.
  • Standard 5-day week with a 5 on / 2 off schedule and no mandatory rotation.
  • Weekend and public holiday work within your schedule is compensated with bonus payments or extra vacation days.
  • 24 paid vacation days per year.
  • 10 national holidays per year.
  • Unlimited sick leave.
  • Private medical insurance reimbursement.
  • Co-working and gym/sports reimbursement.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

True Zero Technologies

Senior Cyber Threat Intelligence Lead (R-00128)

True Zero Technologies 11-50 Internet Software & Services

True Zero Technologies is hiring a remote Senior Cyber Threat Intelligence Lead to gather, analyze, and communicate actionable intelligence that strengthens cyber threat detection and response for its clients.

United States Full-time Senior Security Analyst
AWS Azure Elasticsearch GCP SIEM Splunk
9 minutes ago
Saviynt

L3 SOC Analyst

Saviynt 251-1K Internet Software & Services

Saviynt is hiring a remote UK L3 SOC Analyst to support its modern security operations centre, where the role focuses on advanced incident investigation, automation, threat hunting, and cloud security for government-facing environments.

United Kingdom Full-time Senior Security Analyst
AWS Bash CrowdStrike Go Kubernetes PowerShell Python SIEM Splunk
24 minutes ago
Jenzabar

Information Security Analyst

Jenzabar 251-1K Internet Software & Services

Jenzabar is seeking an Information Security Analyst to support continuous security monitoring, incident response, and security tool maintenance across on-premises and cloud environments.

United States Full-time Mid Level Security Analyst
$76k-$90k
PowerShell Python SIEM
1 hour, 9 minutes ago
Gearset

GRC Manager

Gearset 51-250 Internet Software & Services

Gearset is hiring a remote GRC Manager in the UK to lead security, compliance, and data protection work supporting its Salesforce DevOps platform and growing customer base in regulated sectors.

United Kingdom Full-time Senior Security Analyst
AWS Cybersecurity DevSecOps HIPAA
1 hour, 9 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers