Security Analyst, Presales

About The Position

Requirements

• 2+ years of experience in trust & safety or brand protection, with a focus on Pre-Sales.
• Well versed with phishing, impersonation, credential harvesting, and online fraud activity, including investigative and reporting workflows.
• Understanding of internet infrastructure, including domains, DNS, hosting providers, redirects, and attacker infrastructure.
• Knowledge of security and fraud detection principles and common attacker tactics, techniques, and procedures.
• Self-motivated and detail-oriented with the ability to work independently as well as collaboratively.
• Strong analytical and investigative mindset, including problem-solving and hypothesis-driven investigation.
• Strong written and verbal communication skills with the ability to clearly document findings and summarize technical information internally.
• Willingness and openness to assist with time-sensitive investigations aligned with active presales evaluations or critical incidents.

Nice To Haves

• Experience supporting technical evaluations, proof-of-concepts (POCs), or internal presales efforts is strongly preferred.
• Security certifications (Security+, GSEC, or similar) are a plus.

Responsibilities

• Review and assess emerging phishing, impersonation, and online fraud threats targeting Bolster’s prospects.
• Identify and pursue takedowns for malicious content across web, social media platforms, and mobile application stores, including impersonation accounts, fraudulent applications, and related abuse.
• Perform targeted threat hunting to identify malicious domains, credential harvesting sites, fake login portals, and related attacker infrastructure across multiple modules.
• Use OSINT tools and investigative techniques (WHOIS, DNS records, certificate transparency, search-based discovery, and infrastructure pivoting) to enrich findings and uncover related malicious activity.
• Analyze suspicious websites, hosting infrastructure, DNS records, redirects, and related artifacts to detect attack patterns and emerging abuse trends.
• Pursue takedown actions during active proof-of-concept (POC) evaluations and track each case through successful remediation.
• Coordinate with registrars, hosting providers, and relevant abuse contacts to drive timely enforcement actions.
• Monitor previously reported malicious infrastructure to confirm suspension and identify re-registration, reactivation, or attacker evasion attempts.
• Support the Sales team with technical validation and threat intelligence during active POCs and evaluations.
• Generate periodic and ad-hoc reports highlighting threat activity, detection insights, and remediation outcomes.

Benefits

• Excellent medical, dental, and vision insurance
• Flexible time off + paid holidays.
• Equity + 401(k) plan