Reverse Engineer - Web Security & Data Access

🚨We're Hiring: Reverse Engineer at MrScraper

📍 Full-time

🌍 Global Opportunity — Visa & Green Card Sponsorship Available

📩 Send your CV, portofolio (optional) and expected salary to: hr@penateam.com

📌 Subject: [Reverse Engineer] - [Name]

Are you passionate about dissecting obfuscated code, uncovering hidden logic, and building clever solutions to tough security problems? Join us at MrScraper, where we empower companies to responsibly access and interpret public web data.

We’re on the lookout for a Reverse Engineer to join our growing team. If browser internals, encryption layers, bot detection bypasses, and web API inspection sound like your idea of fun you might be the talent we're looking for.

About the Role:

As a Reverse Engineer at MrScraper, you will:

• Analyze and reverse engineer client-side protections such as encrypted headers, obfuscated JavaScript, and anti-bot mechanisms.
• Deconstruct browser behavior and emulate complex fingerprinting techniques.
• Design and prototype solutions to automate secure and stable access to public web APIs.
• Collaborate closely with developers, data engineers, and security researchers.

Responsibilities:

• Reverse engineer modern web applications and APIs (e.g., e-commerce, marketplaces).
• Analyze encrypted payloads (e.g., fingerprint headers) and replicate logic in custom tooling.
• Maintain awareness of evolving web security mechanisms and recommend countermeasures.
• Build tools to mimic or bypass client-side integrity checks (headless browsers, proxies, emulators, etc.).
• Document technical findings and create clear, reproducible reports for internal use and client deliverables.

Key Requirements:

• Proven experience in reverse engineering, especially in web environments (JavaScript-heavy apps).
• Strong understanding of browser architecture, fingerprinting techniques, and HTTP/JS internals.
• Familiarity with dynamic analysis (DevTools, instrumentation) and static code analysis.
• Proficiency in scripting and automation (Python, Node.js, Puppeteer, etc.).
• Experience with encrypted communication patterns and/or bot protection mechanisms.

Bonus points for:

• Demonstrated experience bypassing WAFs, bot detections, or solving CTFs related to web security.
• Ability to write PoCs that generate valid API request headers/tokens.

What will you get?

• Very Competitive Salary - Above Market.
• Salary Increase Evaluation.
• International exposure working with international clients.
• International co-worker relations.
• Performance bonus.
• Offsite vacation every year.
• Visa and Green Card sponsorship