Security Researcher - Web Application Firewall (WAF)

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit

SpiderLabs is the advanced security team responsible for application security, incident response, penetration testing, physical security and security research for Trustwave's clients. In addition, SpiderLabs performs 3rd party security reviews and intelligence for Trustwave's products and provides and security thought leadership to the entire organization. SpiderLabs has responded to hundreds of security incidents, performed thousands of penetration tests and security tested hundreds of business applications for some of the largest organizations in the world. Members of SpiderLabs are frequently asked to speak at security conferences around the world. SpiderLabs has research facilities in Chicago, Sao Paulo, London, Israel, Sydney and Auckland.

The Security Researcher will be a key team member of the web security research team whose focus will be tracking new trends in the web application security field. This position will conduct vulnerability research on web applications and other server-side software attacks (such as SQL Injection, Cross-site Scripting, LFI/RFI etc.), analyze and evaluate new threats and develop defensive protections.  The Security Researcher brings experience in web attack and exploit research and uses it to extend the security research and the detection capabilities of the Trustwave Web Application Firewall (WAF) product.  The successful candidate will enjoy the challenge and rewards of the changing landscape of web security.


  • Background in the web security field
  • Experience in server side vulnerabilities research
  • Experience writing exploit, vulnerability and attack detection signatures
  • Programming skills: web-based languages is a must, scripting languages
  • Ability to work under tight deadlines with creativity
  • Self-motivated, independent and able to understand complex systems
  • Bilingual Hebrew/English, verbal and written

Additional Plus Competencies:

  • Linux / Unix knowledge
  • Experience with regular expressions (Regex)
  • Experience with web application firewall (WAF) concepts and technologies

Interested parties, please submit a copy of your resume/CV in English.

We prefer college-educated applicants, but at minimum, high school diploma or equivalent is required for employment.

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.

Back to top