Skip to main contentA logo with &quat;the muse&quat; in dark blue text.
Trustwave

Security Researcher - Web Application Team

Manila, Philippines

Trustwave is a leading cybersecurity and managed security services provider that helps businesses fight cybercrime, protect data and reduce security risk. Offering a comprehensive portfolio of managed security services, security testing, consulting, technology solutions and cybersecurity education, Trustwave helps businesses embrace digital transformation securely. Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.

Trustwave SpiderLabs is the advanced security team responsible for security research, application security, incident response and penetration testing for Trustwave's clients. In addition, Trustwave SpiderLabs performs 3rd party security reviews and intelligence for Trustwave's products and provides security thought leadership to the entire organization. Members of Trustwave SpiderLabs are frequently asked to speak at security conferences around the world.

Want more jobs like this?

Get jobs in Manila, Philippines delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.

Trustwave SpiderLabs has research facilities in Chicago, Warsaw, London, Israel, Sydney and Auckland.

We are currently looking for a talented, highly motivated Web Application Security Researcher to join our Spiderlabs Web Application Security Research Team in Manila.

The researcher will be responsible for  tracking new trends in the web application security field, conducting vulnerability research on web applications attacks (such as SQL Injection and Cross-site Scripting), analyzing new threats and developing defensive protections including writing new ModSecurity rules for our commercial offering and detection signatures for our Web Application Security Scanner. The successful candidate will also be called upon to work with commercial WAF customers during professional services engagements.  This is a rare opportunity to work in a fulfilling role as part of a small team that is breaking new ground in the application security space. Trustwave is an exciting company with excellent customer ratings and outstanding growth rates.

Responsibilities:

  • Research, design and implement rules for our commercial ModSecurity ruleset   
  • Research, design and implement signatures for our Web Application Scanner (DAST)
  • Participate in code reviews
  • Participate in the design and architecture of new features   

Requirements:

  • 2+ years’ experience in web application security
  • 1-year experience in Python, JavaScript or other programming languages
  • Experience in web server and web application vulnerability research
  • Experience with regular expressions and writing exploit, vulnerability and attack detection signature
  • Experience working in an agile/scrum environment
  • Experience with source control, code review and issue tracking tools like Git, JIRA, etc.
  • Understanging of common Web Application vulnerabilities and exploit techniques
  • Experience using Web Application testing tools, like Burp or SQLMap
  • Highly motivated; Deadline and detail oriented
  • R&D Background
  • Bilingual English, verbal and written  

Additional Plus Competencies:

  • Information security or networking experience
  • Contribute to the design of the ModSecurity open source WAF
  • Excellent analytical thinking, troubleshooting, and problem solving skills
  • Experience with DevOps/System Administration
  • BSc in Computer Science or similar is preferred
  • Excellent customer service skills
  • Self managed and team oriented

Education:

We prefer college-educated applicants, but at minimum, high school diploma or equivalent is required for employment.

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities

To All Agencies:

Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.

 

 

Job ID: oMCgdfwB
Employment Type: Other

This job is no longer available.

Search all jobs