Malware Intelligence Analyst

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Malware Intelligence Analyst in Bulgaria. This is an exciting opportunity to join a globally distributed cybersecurity team protecting hundreds of thousands of web servers from evolving online threats. As a Malware Intelligence Analyst, you will reverse-engineer real-world web malware, uncover attacker techniques, and transform your findings into high-precision detection signatures. Your work will directly contribute to safeguarding websites ranging from small CMS deployments to large-scale infrastructure environments. Operating within a 24/7 malware processing pipeline, you’ll collaborate across time zones to ensure rapid threat response and continuous coverage. This fully remote role offers a fixed schedule aligned with your time zone, empowering you to deliver meaningful impact while maintaining balance. If you are passionate about dissecting malicious code and strengthening web security at scale, this role offers both challenge and purpose. Accountabilities:

• Analyze, classify, and prioritize web-based malware threats, including obfuscated PHP backdoors, JavaScript injections, SEO spam, redirectors, and cryptominers targeting hosting environments.
• Reverse-engineer malicious PHP and JavaScript code to uncover attacker techniques and extract reliable detection patterns.
• Develop, test, and refine high-precision PCRE-based detection signatures for production scanning engines, minimizing false positives while maximizing coverage.
• Maintain strict service-level agreements (SLAs) as part of a globally distributed team providing continuous 24/7 malware coverage.
• Research emerging attack vectors such as CMS exploitation techniques, plugin/theme supply-chain compromises, and zero-day delivery methods.
• Contribute to improving internal processes, tooling, and automation to enhance detection efficiency and scalability.

Requirements:

• Strong expertise in PCRE regex, including advanced constructs, performance optimization, and accurate pattern design.
• Minimum 3 years of experience working with PHP and/or JavaScript, with the ability to read, analyze, and differentiate between legitimate and malicious code.
• Hands-on experience with web malware reverse engineering, deobfuscation techniques, and payload unpacking.
• Solid understanding of common web attack vectors (e.g., injection attacks, XSS, RCE, file upload exploits) and their behavior in hosting environments.
• Familiarity with web server architectures and shared hosting ecosystems (Apache, Nginx, LiteSpeed, reverse proxies, PHP handlers, WAFs, Linux file systems, namespaces, cgroups).
• Upper-intermediate or higher English proficiency.
• Additional assets include experience with WordPress internals, website incident response, penetration testing, Python scripting, YARA rules, or hosting control panels (cPanel, Plesk, DirectAdmin).
• Strong analytical thinking, curiosity about attacker methodologies, and the ability to work independently in a remote environment.

Benefits:

• Fully remote position with a fixed 5-day workweek (5 on / 2 off) aligned with your time zone — no mandatory rotation.
• 24 paid vacation days annually, plus 10 national holidays and unlimited sick leave.
• Additional compensation or extra vacation days for weekends and public holidays worked within your schedule.
• Private medical insurance compensation.
• Co-working space and gym/sports reimbursement.
• Performance-based recognition, including rewards for innovative ideas eligible for patenting.
• Structured onboarding and modern tooling to support continuous professional growth.

Why Apply Through Jobgether? We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best! Why Apply Through Jobgether? Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time. #LI-CL1 We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us. Original job Malware Intelligence Analyst posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs. Apply tot his job Apply To this Job