Principal Software Engineer Phishing and Content Protection

We are open to candidates across North America to work remotely.

Lookout is an integrated endpoint-to-cloud security company. Our mission is to secure and empower our digital future in a privacy-focused world where mobility and cloud are essential to all we do for work and play. We enable consumers and employees to protect their data, and to securely stay connected without violating their privacy and trust. Lookout is trusted by millions of consumers, the largest enterprises and government agencies, and partners such as AT&T, Verizon, Vodafone, Microsoft, Google, and Apple. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.

With a massive mobile security dataset and over 100 granted patents, Lookout's security platform, the Lookout Security Cloud, supports a wide range of Lookout products and services and forms the backbone of Lookout's value and competitive advantages in the mobile security market.

We are looking for a Staff Security Researcher to join our Phishing and Content Protection (PCP) team, a group of Engineers and Researchers dedicated to protecting Lookout users from phishing and other web-based threats. The PCP team leverages tools driven by state-of-the-art machine-learning (ML) and artificial intelligence (AI) to identify threats, track malicious actors, and derive intelligence on tactics, techniques, and procedures (TTPs). This big-data approach allows us to process and analyze millions of new data points every day adding to our extensive and growing corpus of phishing data and supporting the creation of new coverage to shield users and their mobile devices from malicious actors.

Responsibilities:

• Research malicious actors, their tools, methods and targets.
• Identify and stop content-based attacks against Lookout users.
• Create detection logic and find patterns and trends to protect users from current and future phishing threats.
• Collaborate with other researchers and engineers to develop the tools to support our most critical research initiatives and content development workflows.
• Contribute to publication of discoveries of phishing and other web-based threats.

Qualifications & skills:

• Ability to read and make sense of common web technologies and languages such as HTML, JavaScript, PHP etc. Previous experience in reverse engineering of software preferred.
• Proficiency in one or more programming languages (e.g. Python, Ruby, Java) to create research tools and ad-hoc scripts.
• Knowledge of the Domain Name Service (DNS) and whois system and solid understanding of HTTP and TLS protocol and certificates.
• Previous experience in ML / AI or data science is an asset.
• Familiarity with cloud IaaS preferred.
• Strong written and verbal communication skills.
• Curiosity and ability to think like an attacker.
• Collaborative attitude and an interest in growing a strong research team and culture.

Tools and languages:

• Dns
• Whois
• Passive DNS
• Html
• JavaScript
• Php
• Python