We are looking for a curious, analytical, and detail‑oriented JavaScript/ Front End professional with a strong interest in understanding how malicious software operates within browser‑based applications, particularly web extensions. The ideal candidate has a solid background in code review and the ability to assess the true behavior of software beyond its declared functionality, and a strong motivation to identify security risks at scale.
This role requires a hands‑on technical profile with strong out‑of‑the‑box thinking, capable of auditing both submitted code and internal review tools to uncover potential security gaps. A proactive mindset, combined with strong analytical and investigative skills, is key to success in this position.
Key Responsibilities
· Analyze browser extension code using static and dynamic analysis techniques to identify security violations and malicious behavior.
· Perform code reverse engineering and debugging, primarily focused on JavaScript‑based front‑end technologies.
· Review extension source code to determine actual behavior versus declared functionality.
· Identify, document, and report security vulnerabilities, including impacted code areas and recommended remediation actions.
· Support the investigation and takedown of malicious browser extensions.
· Audit and assess internal review and detection tools to identify potential gaps or flaws.
· Identify emerging threat patterns and share insights with the team to improve detection capabilities.
· Define and implement rules and detection patterns to identify security violations at scale.
· Recommend and contribute to process improvements and automation to enhance efficiency and accuracy.
· Act as a technical consultant, providing guidance, clarification, and technical input to team members.
· Conduct code reviews and provide feedback aligned with secure coding best practices.
· Collaborate with cross‑functional teams and maintain clear, well‑structured technical documentation.
Required Skills
· Strong hands‑on experience with JavaScript, including advanced concepts such as closures, prototypes, variable scope, hoisting, callbacks, and object‑oriented principles.
· Proficiency in HTML and CSS.
· Solid experience in code review, with the ability to assess real behavior and intent.
· Experience working with database queries, such as SQL.
· Strong analytical mindset with curiosity and the ability to think creatively and critically.
Nice‑to‑Have Skills
· Knowledge of web application and cybersecurity fundamentals, including vulnerability assessment and remediation.
· Experience or familiarity with browser extensions and their lifecycle.
· Exposure to cybersecurity tools such as Burp Suite, Nmap, or similar open‑source tools.
· Understanding of malware categories and behaviors.
· Experience or familiarity with DAST and SAST methodologies.
· Understanding of obfuscation and de‑obfuscation techniques.
· Experience with Node.js, Webpack, and front‑end frameworks or libraries such as React, Angular, or jQuery.
· Strong experience in writing technical and security assessment reports.
What we offer
- The chance to work with impact. Here, you’re empowered to bring your biggest thinking to help our company and clients improve everyday life.
- Ownership over your career. Stay at the top of your game through our award-winning learning and development ecosystem. And when your ambitions change or we offer new opportunities, we help you pivot by providing reskilling, on-the-job learning and guidance to find new roles that might be a better fit.
- The opportunity to thrive on a high caliber team with heart. We celebrate each other’s experiences and perspectives and promote a sense of belonging through our affinity groups and diversity and inclusion initiatives.
- A comprehensive total rewards package, including a competitive salary and a pension plan with matching contributions.
- Flexible health and financial benefits to support you and your eligible dependents—from day one.
- True work-life balance. Be at your best through paid time off, flexible work arrangements, volunteering opportunities, social events, and so much more.
About us
Cognizant (Nasdaq: CTSH) is an AI Builder and technology services provider, building the bridge between AI investment and enterprise value by building full-stack AI solutions for our clients. Our deep industry, process and engineering expertise enables us to build an organization’s unique context into technology systems that amplify human potential, realize tangible returns and keep global enterprises ahead in a fast-changing world. See how at www.cognizant.com or @cognizant.
Other employment-related information
Cognizant is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, provincial or local laws.
If you have a disability that requires reasonable accommodation to search for a job opening or submit an application, please email [email protected] with your request and contact information.
Language requirements vary depending on roles, but we ask that all candidates have basic English proficiency for company-wide communications purposes. For roles based in Quebec, professional English proficiency is required, as you’ll deliver services to and collaborate with stakeholders outside the province who may not speak French.