סקירה כללית
Guardio is on a mission to redefine consumer cybersecurity for the modern internet. We operate at consumer scale, protecting millions of people every day across devices, accounts, and digital touchpoints. In a world where phishing, fraud, and AI-powered scams evolve overnight, Guardio stays ahead of the curve. We move fast, think deeply, and build with purpose. Our culture is rooted in transparency, feedback, and collaboration along with shared wins, team dinners, company trips, and good times. We’re a team of 100+ makers, doers, and boundary-breakers. If you’re ready to tackle meaningful challenges, grow at lightning speed, and help shape the next frontier of online safety, you belong here. Let’s cut to the chase. What’s the job? We are looking for a Web Researcher to join the Guardio Labs team, our research team building the intelligence backbone behind Guardio’s security engine and personal digital-life posture platform. In this role, you’ll dive under the hood of real-world web services and apps. From DOM structure and client-side logic to hidden APIs and authentication flows, you’ll analyze how these services handle user data and turn that into security and privacy related signals. Your work will run at scale across millions of events, powering detections of exposed information, risky configurations, and privacy issues, and turning them into clear, actionable protection for our users. You will: * Design, build, and maintain the research and discovery infrastructure that fingerprints and analyzes online services at scale. * Develop DOM-based extraction logic, robust scrapers, and web-processing scripts (including CSS selectors, JS execution, regex, and complex parsing) to reliably capture security and privacy relevant data. * Analyze raw email data (headers, MIME structures, body content, and patterns) using custom parsers, rules, and automation pipelines to extract meaningful posture signals. * Operate and optimize large-scale data flows, ensuring signal quality, consistency, privacy, and data integrity across millions of events. * Continuously discover and classify new data sources and model them into structured, machine-consumable data with a direct product value. * Work closely with security analysts, fellow researchers, backend engineers, and product teams to translate raw signals into actionable security value for millions of users worldwide. * Enjoy a high level of autonomy in a fast-moving environment where your research directly shapes core product capabilities and affects users instantly. Sounds great! Am I the right fit? Well, our guess is you have a good chance of being that person if you check as many of these as possible: * 1–2 years of experience in security research, web research, or web development – or equivalent experience through personal projects, CTFs, white-hat hacking, and bug bounties. * Comfortable working with HTML, CSS, and JavaScript, using browser DevTools to inspect the DOM, network requests, and storage. * Hands-on experience writing scripts or small tools (in Python/JavaScript) to automate tasks, parse data, or debug web apps. * Basic understanding of how the web works: HTTP requests, authentication, cookies, sessions, and login/registration flows. * Curiosity (or basic experience) around email internals (headers, raw source, SMTP and concepts like SPF/DKIM/DMARC) and a strong willingness to go deep there. * Strong attention to detail and an analytical mindset, especially when dealing with messy real-world data and edge cases. * Excited by the idea of connecting technical dots from web pages and emails to security posture and real user impact. * A proactive, “let me dig into this and figure it out” attitude, with a strong respect for user privacy and data protection. Talk nerdy to me. Don’t mind if we do. Some notable facts: * Over 1 million users mean we get A LOT of leads and data to work with. * We use lots of Python, BigQuery, and vibe-code our brains out! * We create our own research tools and analysis platforms. * But we also love using Chrome DevTools, Burp, VirusTotal, URLScan, and tons of other command-line tools… * Thinking of a great addition? Let’s do it!
דרישות המשרה
לא צויין
