Web Security Malware Analyst (Hybrid – Lisbon)
English Required / Based in Lisbon, Portugal / Hybrid
We are seeking a Front End/ Web Engineer with a strong foundation in web technologies who is eager to develop expertise in cybersecurity. This role focuses on analyzing, reverse engineering, and securing browser-based applications, with particular emphasis on web extensions. You will be trained to identify malicious behaviors, conduct security assessments, and contribute to automation and process improvements throughout the security analysis lifecycle.
Key Responsibilities:
Perform analysis of web browser extensions using static and dynamic methods to identify malicious behavior and security issues.
Reverse engineer and debug JavaScript to understand complex or obfuscated code.
Detect, document, and report security vulnerabilities, including root cause analysis and remediation recommendations.
Assist in the investigation and takedown of malicious browser extensions.
Carry out regular code reviews and provide feedback aligned with secure coding standards.
Review and inspect JavaScript code to identify suspicious or malicious activity, performing reverse engineering when required.
Design and implement detection rules and security patterns to identify violations at scale.
Monitor emerging threat trends and share findings to strengthen detection capabilities across the team.
Propose improvements, contribute innovative ideas, and support the automation of existing processes.
Serve as a technical reference point, offering guidance, clarification, and technical support to team members.
Work closely with cross-functional teams while maintaining clear and accurate technical documentation.
Support the continuous enhancement of security workflows and tooling.
You are someone who brings:
Strong hands‑on experience with JavaScript, including advanced concepts such as closures, prototypes, variable scope, hoisting, callbacks, and OOP principles.
Required hands‑on experience with HTML and CSS.
Required knowledge of JSON, AJAX, and ES6/ES7 standards.
Good understanding of Node.js and Webpack.
Experience working with front‑end frameworks or libraries such as React, Angular, or jQuery.
Strong code analysis, debugging, and reverse engineering skills, particularly in JavaScript applications.
Ability to analyze JavaScript code and identify malicious activities effectively.
Good communication skills and the ability to work as a collaborative team player.
Added Advantages (Nice to Have):
Cybersecurity experience or strong security knowledge.
Familiarity with DAST and SAST methodologies.
Knowledge of cybersecurity open‑source tools such as Burp Suite, Nmap, or similar tools.
Understanding of obfuscation and de‑obfuscation techniques.
Experience writing technical and security assessment reports.
About Cognizant:
Cognizant (Nasdaq: CTSH) is an AI Builder and technology services provider, bridging the gap between AI investment and enterprise value by building full-stack AI solutions for our clients. Our deep industry, process and engineering expertise enables us to build an organization’s unique context into technology systems that amplify human potential, drive tangible outcomes and keep global enterprises ahead in a fast-changing world. See how at cognizant.ai or @cognizant.
Additional employment information
Compensation information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.
Cognizant is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, state or local laws.
