Remote Malware Intelligence Analyst

Imunify360 Security Suite, a product of CloudLinux Inc., offers an innovative, automated security solution for shared, VPS, and dedicated servers. As the #1 OS in security and stability for hosting providers, Imunify delivers comprehensive attack prevention through a six-layer security approach.

For more details on our Imunify360 product, please visit our website: https://www.imunify360.com/.

Imunify360 scanners actively clean millions of infected files and websites monthly. This critical work is performed by a dedicated team of malware analysts who reverse-engineer threats, develop detection signatures, and build the intelligence layer safeguarding hundreds of thousands of web servers, from small WordPress sites to large infrastructure.

Join our expanding Malware Processing Team as we move towards 24/7 malware coverage. We are seeking analysts to dissect real-world web malware, including obfuscated PHP backdoors, JavaScript injections, SEO spam, and cryptominers. Your findings will be crucial in developing detection rules that protect millions of websites.

This is a fully remote position with a fixed schedule designed to align with your time zone and preferences.

What You'll Do

• Analyze and classify web malware, including PHP shells, JavaScript injectors, WordPress backdoors, SEO spam, redirectors, and cryptominers, targeting the hosting ecosystem.
• Reverse-engineer obfuscated PHP and JavaScript to understand attacker techniques and extract effective detection patterns.
• Write and refine PCRE-based detection signatures for our scanning engine, prioritizing precision to prevent false positives and maintain customer trust.
• Maintain processing Service Level Agreements (SLAs) as part of a globally distributed team, ensuring round-the-clock malware coverage.
• Research emerging threats, such as new CMS exploitation techniques, supply-chain attacks on plugins/themes, and zero-day delivery methods.

Requirements

Must Have:

• Strong PCRE regex expertise, including understanding anchors, non-capturing groups, and performance implications, to write accurate and efficient complex patterns.
• 3+ years of experience with PHP and/or JavaScript, focusing on reading, understanding, and analyzing code to differentiate legitimate from malicious artifacts (software engineering skills not required).
• Proficiency in web malware reverse engineering, JavaScript deobfuscation, PHP deobfuscation, and unpacking encoded payloads.
• Understanding of web attack injection techniques, including XSS, RCE, and file upload exploits, and their manifestation in hosting environments.
• Familiarity with web server and shared hosting architecture, such as Apache/Nginx/LiteSpeed, Reverse Proxy, PHP handlers, WAF, Namespaces, cgroups, and Linux File system permissions.
• English proficiency at an upper-intermediate level or above.

Nice to Have:

• Experience with WordPress internals (themes, plugins, hooks).
• Hands-on website cleanup or incident response experience.
• Penetration testing or red team background.
• Python scripting for automation and and tooling.
• Experience with YARA rules or other signature formats.
• Familiarity with cPanel, Plesk, or DirectAdmin environments.

We encourage applications from candidates with strong analytical skills and a genuine curiosity about malware, even if your background is in security research or adjacent fields rather than pure malware analysis. Our comprehensive onboarding process and modern tooling will support your transition.

Work Schedule

We maintain a 24/7 malware processing pipeline with a 1-hour Service Level Agreement (SLA). To ensure a sustainable and fair work environment:

• You will work a standard 5-day week (5 on / 2 off) on a fixed schedule, aligned with your time zone and preferences, with no mandatory rotation.
• Weekends and public holidays falling within your schedule are compensated with either bonus payments or additional vacation days.

Benefits

What's in it for you?

• A 5-day work week (5 on / 2 off) with a fixed schedule aligned to your time zone.
• Paid time off including 24 vacation days per year, 10 national holidays, and unlimited sick leave to support a healthy work-life balance.
• Compensation for private medical insurance.
• Reimbursement for co-working spaces and gym/sports activities.
• Opportunity to receive a reward for innovative, patentable ideas, fostering a culture of creativity.

By applying for this position, you consent to the processing of your personal data as described in our Privacy Policy, which details how we maintain and handle your data.