We are looking for a curious, analytical, and detail‑oriented JavaScript/ Front End professional with a strong interest in understanding how malicious software operates within browser‑based applications, particularly web extensions. The ideal candidate has a solid background in code review and the ability to assess the true behavior of software beyond its declared functionality, and a strong motivation to identify security risks at scale.
This role requires a hands‑on technical profile with strong out‑of‑the‑box thinking, capable of auditing both submitted code and internal review tools to uncover potential security gaps. A proactive mindset, combined with strong analytical and investigative skills, is key to success in this position.
Key Responsibilities
· Analyze browser extension code using static and dynamic analysis techniques to identify security violations and malicious behavior.
· Perform code reverse engineering and debugging, primarily focused on JavaScript‑based front‑end technologies.
· Review extension source code to determine actual behavior versus declared functionality.
· Identify, document, and report security vulnerabilities, including impacted code areas and recommended remediation actions.
· Support the investigation and takedown of malicious browser extensions.
· Audit and assess internal review and detection tools to identify potential gaps or flaws.
· Identify emerging threat patterns and share insights with the team to improve detection capabilities.
· Define and implement rules and detection patterns to identify security violations at scale.
· Recommend and contribute to process improvements and automation to enhance efficiency and accuracy.
· Act as a technical consultant, providing guidance, clarification, and technical input to team members.
· Conduct code reviews and provide feedback aligned with secure coding best practices.
· Collaborate with cross‑functional teams and maintain clear, well‑structured technical documentation.
Required Skills
· Strong hands‑on experience with JavaScript, including advanced concepts such as closures, prototypes, variable scope, hoisting, callbacks, and object‑oriented principles.
· Proficiency in HTML and CSS.
· Solid experience in code review, with the ability to assess real behavior and intent.
· Experience working with database queries, such as SQL.
· Strong analytical mindset with curiosity and the ability to think creatively and critically.
Nice‑to‑Have Skills
· Knowledge of web application and cybersecurity fundamentals, including vulnerability assessment and remediation.
· Experience or familiarity with browser extensions and their lifecycle.
· Exposure to cybersecurity tools such as Burp Suite, Nmap, or similar open‑source tools.
· Understanding of malware categories and behaviors.
· Experience or familiarity with DAST and SAST methodologies.
· Understanding of obfuscation and de‑obfuscation techniques.
· Experience with Node.js, Webpack, and front‑end frameworks or libraries such as React, Angular, or jQuery.
· Strong experience in writing technical and security assessment reports.
私たちについて:
コグニザント(NASDAQ: CTSH)は、AI builderおよびテクノロジーサービスプロバイダとして、AI投資を企業価値へとつなげるフルスタックのAIソリューションを提供しています。業界、業務プロセス、エンジニアリングに関する深い専門性を強みに、各企業固有のコンテキストをテクノロジーシステムに組み込み、人の力を最大限に引き出すとともに、具体的な成果の創出と、急速に変化する世界におけるグローバル企業の競争力維持を支援します。詳しくは、当社ウェブサイト www.cognizant.com をご覧ください。
雇用に関する追加情報
本募集に記載されている報酬情報は、掲載日時点で正確なものです。Cognizantは、適用される法令に従い、いつでも本情報を変更する権利を留保します。
応募者は、対面またはビデオ会議による面接への参加を求められる場合があります。また、各面接の際に、現在有効な州政府または政府発行の身分証明書の提示を求められる場合があります。
Cognizantは機会均等雇用主です。応募および選考において、人種、肌の色、性別、宗教、信条、性的指向、性自認、国籍、障がい、遺伝情報、妊娠、退役軍人の地位、その他連邦法・州法・地方自治体の法律により保護されるいかなる特性に基づく差別も行いません。
