Web Security Researcher

SEON is the leading fraud prevention system of record, catching fraud before it happens at any point across the customer journey. Trusted by over 5,000 global companies, we combine your company’s data with our proprietary real-time signals to deliver actionable fraud insights tailored to your business outcomes. We deliver the fastest time to value in the market through a single API call, enabling quick and seamless onboarding and integration. By analyzing billions of transactions, we’ve prevented $200 billion in fraudulent activities, showcasing why the world’s most innovative companies choose SEON.

We are seeking a talented and experienced Web Security Researcher to join our dynamic Device Intelligence team. 

This role will report to the Engineering Manager, Device Intelligence. 

This role offers flexibility and is based in our Budapest office with a hybrid schedule of being in the office approximately three days per week.

WHAT YOU’LL DO:

• Conduct in-depth research into web security, with a specific focus on device fingerprinting and counter-fingerprinting techniques.
• Identify and analyze methods used by malicious actors to circumvent device fingerprinting for fraud detection.
• Develop proof-of-concept demonstrations for identified vulnerabilities and fraud patterns.
• Maintain expert-level knowledge of emerging web security threats, fraud methodologies, and privacy-enhancing technologies.
• Collaborate closely with development teams to integrate robust fraud detection and user tracking capabilities into our products.
• Document research findings comprehensively and systematically.
• Present research and insights to internal and external stakeholders.

WHAT YOU’ll BRING:

• Profound understanding of web browser internals (Chrome, Firefox, Safari, etc.) and their unique attributes.
• Expertise in web technologies including HTML, CSS, JavaScript, and HTTP/S, with an emphasis on how these contribute to device identification.
• Familiarity with common web vulnerabilities (e.g., XSS, CSRF, SQL Injection, SSRF) and their potential exploitation in fraud scenarios.
• Proficiency with network analysis tools (e.g., Wireshark, Burp Suite) for dissecting web traffic and fingerprinting attempts.
• Ability to analyze large datasets to identify patterns, anomalies, and insights
• Demonstrated ability to conduct independent security research and analysis, particularly in the domain of device fingerprinting and fraud detection.
• Strong problem-solving skills and attention to detail.
• Experience with reverse engineering and exploit development is a significant advantage.
• Highly persistent in tackling complex security challenges.
• Possesses an insatiable curiosity for new technologies and security paradigms.
• Proactive and self-driven, taking ownership of the entire R&D process.
• Excellent verbal and written communication skills for articulating complex technical concepts.
• Relevant professional experience in IT security research, with a focus on web security and device fingerprinting is an advantage.