We are looking for a curious, analytical, and detail‑oriented JavaScript/ Front End professional with a strong interest in understanding how malicious software operates within browser‑based applications, particularly web extensions. The ideal candidate has a solid background in code review and the ability to assess the true behavior of software beyond its declared functionality, and a strong motivation to identify security risks at scale.
This role requires a hands‑on technical profile with strong out‑of‑the‑box thinking, capable of auditing both submitted code and internal review tools to uncover potential security gaps. A proactive mindset, combined with strong analytical and investigative skills, is key to success in this position.
Key Responsibilities
· Analyze browser extension code using static and dynamic analysis techniques to identify security violations and malicious behavior.
· Perform code reverse engineering and debugging, primarily focused on JavaScript‑based front‑end technologies.
· Review extension source code to determine actual behavior versus declared functionality.
· Identify, document, and report security vulnerabilities, including impacted code areas and recommended remediation actions.
· Support the investigation and takedown of malicious browser extensions.
· Audit and assess internal review and detection tools to identify potential gaps or flaws.
· Identify emerging threat patterns and share insights with the team to improve detection capabilities.
· Define and implement rules and detection patterns to identify security violations at scale.
· Recommend and contribute to process improvements and automation to enhance efficiency and accuracy.
· Act as a technical consultant, providing guidance, clarification, and technical input to team members.
· Conduct code reviews and provide feedback aligned with secure coding best practices.
· Collaborate with cross‑functional teams and maintain clear, well‑structured technical documentation.
Required Skills
· Strong hands‑on experience with JavaScript, including advanced concepts such as closures, prototypes, variable scope, hoisting, callbacks, and object‑oriented principles.
· Proficiency in HTML and CSS.
· Solid experience in code review, with the ability to assess real behavior and intent.
· Experience working with database queries, such as SQL.
· Strong analytical mindset with curiosity and the ability to think creatively and critically.
Nice‑to‑Have Skills
· Knowledge of web application and cybersecurity fundamentals, including vulnerability assessment and remediation.
· Experience or familiarity with browser extensions and their lifecycle.
· Exposure to cybersecurity tools such as Burp Suite, Nmap, or similar open‑source tools.
· Understanding of malware categories and behaviors.
· Experience or familiarity with DAST and SAST methodologies.
· Understanding of obfuscation and de‑obfuscation techniques.
· Experience with Node.js, Webpack, and front‑end frameworks or libraries such as React, Angular, or jQuery.
· Strong experience in writing technical and security assessment reports.
关于高知特 (Cognizant)
高知特(Cognizant)(纳斯达克代码:CTSH)作为一家AI Builder和相关技术服务提供商,致力于通过打造全栈AI解决方案,帮助企业将人工智能投资转化为实际价值。公司凭借深厚的行业经验、流程优化和工程技术专长,将企业独特的业务场景融入科技系统,赋能组织释放人才潜能,推动切实成果,并帮助全球企业在瞬息万变的环境中保持领先。如需了解更多详情,敬请访问 cognizant.ai 或关注@cognizant。
补充雇佣信息
薪酬信息截至本职位发布之日为准。Cognizant 保留在适用法律允许的范围内随时修改该信息的权利。
申请人可能需要通过现场面试或视频会议的方式参加面试。此外,候选人在每次面试时可能需要出示其当前所在州或政府签发的有效身份证件。
Cognizant 是一家提供平等就业机会的雇主。在招聘过程中,您的申请和候选资格不会因种族、肤色、性别、宗教、信仰、性取向、性别认同、国籍、残疾、遗传信息、怀孕、退伍军人身份或任何其他受联邦、州或地方法律保护的特征而受到影响。
