About the Customer:
-
Israeli proxy and web scraping company is looking for a security-minded analyst with a deep understanding of internet protocols, automation patterns, and detection mechanisms.
About the Project:
-
In this role, you’ll focus on analysing and mitigating bot threats, improving system resilience, and ensuring reliable access to public data sources.
You’ll work closely with engineering teams to simulate real-world traffic, identify weaknesses in detection systems, and help design solutions that align with platform guidelines while ensuring performance and reliability. And most importantly – you’ll get to work in a highly technical team that values creativity, autonomy, and deep problem-solving in a super flexible environment, modern stack, and a chance to impact real-world performance at scale.
Responsibilities:
-
• Research and analyse anti-bot protections (WAFs, captchas, fingerprinting, etc.) to improve service stability and response handling.
• Monitor public websites for access disruptions, and diagnose root causes at the network, browser, or protocol level.
• Reverse engineer modern client-side JavaScript defences used by bot mitigation vendors
• Implement systems that mimic human-like behaviour in client traffic to reduce false-positive bot detections.
• Continuously evaluate the performance and detectability of automated systems in high-security environments.
• Collaborate with developers to build more resilient, compliant, and efficient data access pipelines.
• Create detailed documentation, technical assessments, and threat models for ongoing protections.
REquirements:
-
• Proven offensive application security background
• Strong understanding of HTTP, TLS, DNS, WebSocket, and general internet protocols.
• Familiarity with bot detection systems, fingerprinting techniques, and rate-limiting behaviours.
• Hands-on experience with browser automation frameworks (e.g., Puppeteer, Playwright, Selenium).
• Ability to dissect and debug traffic using tools like Wireshark, Burp Suite, mitmproxy, or browser DevTools.
• Solid coding skills in Python, Node.js, Go, or similar.
• Comfortable working independently and taking ownership of technical investigations.
Bonus Points
• Experience building or defending against bot mitigation systems.
• Understanding of cloud WAFs (e.g., Cloudflare, Akamai, PerimeterX).
• Knowledge of browser fingerprinting and client behaviour modelling.
• Previous work in security research, threat analysis, or high-scale automation.