Senior Security Analyst

About cside: cside is laser-focused on solving web security in the AI age, starting with client-side injections, and covering previously unmonitored attack surfaces in developer and user-friendly ways.

The team at cside is a diverse mix of highly capable subject matter experts who are kind but mean business. Since January 2024, cside has raised $7.7 million in pre-seed and seed funding from notable investors.

We are looking for a senior security analyst to keep an eye on emerging threats, dig into their methods, scope improvements in our detection systems, and collaborate with the engineering team internally.

You will be the face of the security detections team, discovering new attacks and sharing them with the world.

• Keep an eye out for attacks around the world, utilizing our traffic data and website monitoring to find new attack methods, scope detection methods, and ship them.
• Review detections that come in, using broader signals to narrow down on potential threats.
• Lead our Security Research and content effort, blogging about malicious scripts that impact over 1000 websites to protect the internet and prevent bad actors from destabilizing critical infrastructure.
• Build new detection methods and rules for new attacks, using a deep understanding of JavaScript and potentially Rust.
• Proactively define detections for client-side behaviors that can be malicious and review this against our script data.
• Use and build internal tools to detect never-seen-before attacks.

• You have a passion for the cat-and-mouse game of security and are motivated by the opportunity to stop bad actors from impacting unknowing individuals.
• You have a deep understanding of JavaScript, browsers, and ideally some background in Rust and Yara rules.
• You have participated in capture-the-flag events or regularly spend time doing white-hat hacking or bug bounties.
• You are self-managing and want to disrupt the client-side and web security market.
• You have at least 3-5 years of prior work experience.

We are constantly learning and developing better, growing together as a team. We do not ship half projects, sell snake oil, or cut corners, and we put a dent in the universe by building good products.

• We offer 2-3 off-sites per year, a generous work-from-home allowance, the latest MacBook, stock options, market-rate salary, take-what-you-need PTO, and a fully remote work environment.
• Our team is invested in your long-term career development, and we celebrate equal opportunities for all.

We are building a world-class security company and want the best people for the job, regardless of formal educational background, age, skin tone, religion, national origin, sexual orientation, gender identity, disability status, marital status, or veteran status.