We are looking for a curious, analytical, and detail‑oriented JavaScript/ Front End professional with a strong interest in understanding how malicious software operates within browser‑based applications, particularly web extensions. The ideal candidate has a solid background in code review and the ability to assess the true behavior of software beyond its declared functionality, and a strong motivation to identify security risks at scale.
This role requires a hands‑on technical profile with strong out‑of‑the‑box thinking, capable of auditing both submitted code and internal review tools to uncover potential security gaps. A proactive mindset, combined with strong analytical and investigative skills, is key to success in this position.
Key Responsibilities
· Analyze browser extension code using static and dynamic analysis techniques to identify security violations and malicious behavior.
· Perform code reverse engineering and debugging, primarily focused on JavaScript‑based front‑end technologies.
· Review extension source code to determine actual behavior versus declared functionality.
· Identify, document, and report security vulnerabilities, including impacted code areas and recommended remediation actions.
· Support the investigation and takedown of malicious browser extensions.
· Audit and assess internal review and detection tools to identify potential gaps or flaws.
· Identify emerging threat patterns and share insights with the team to improve detection capabilities.
· Define and implement rules and detection patterns to identify security violations at scale.
· Recommend and contribute to process improvements and automation to enhance efficiency and accuracy.
· Act as a technical consultant, providing guidance, clarification, and technical input to team members.
· Conduct code reviews and provide feedback aligned with secure coding best practices.
· Collaborate with cross‑functional teams and maintain clear, well‑structured technical documentation.
Required Skills
· Strong hands‑on experience with JavaScript, including advanced concepts such as closures, prototypes, variable scope, hoisting, callbacks, and object‑oriented principles.
· Proficiency in HTML and CSS.
· Solid experience in code review, with the ability to assess real behavior and intent.
· Experience working with database queries, such as SQL.
· Strong analytical mindset with curiosity and the ability to think creatively and critically.
Nice‑to‑Have Skills
· Knowledge of web application and cybersecurity fundamentals, including vulnerability assessment and remediation.
· Experience or familiarity with browser extensions and their lifecycle.
· Exposure to cybersecurity tools such as Burp Suite, Nmap, or similar open‑source tools.
· Understanding of malware categories and behaviors.
· Experience or familiarity with DAST and SAST methodologies.
· Understanding of obfuscation and de‑obfuscation techniques.
· Experience with Node.js, Webpack, and front‑end frameworks or libraries such as React, Angular, or jQuery.
· Strong experience in writing technical and security assessment reports.
About us
Cognizant (Nasdaq: CTSH) is an AI Builder and technology services provider, building the bridge between AI investment and enterprise value by building full-stack AI solutions for our clients. Our deep industry, process and engineering expertise enables us to build an organization’s unique context into technology systems that amplify human potential, realize tangible returns and keep global enterprises ahead in a fast-changing world. See how at www.cognizant.com or @cognizant.
Additional employment information
Compensation information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.
Cognizant is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, state or local laws.
