At Bolster, you’ll be part of the team protecting major global brands from phishing, impersonation, and online fraud campaigns targeting their users and employees. You’ll work in a highly dynamic environment investigating suspicious domains and websites, validating real-world threats, and pursuing takedown actions during active proof-of-concept (POC) evaluations. This role supports Sales and Solutions Engineering by uncovering and confirming malicious activity, performing threat hunting, and helping demonstrate platform effectiveness by supporting takedowns. It is a strong opportunity to join a small and nimble team and contribute to the continued growth of Bolster’s protection platform.
Responsibilities
Review and assess emerging phishing, impersonation, and online fraud threats targeting Bolster’s prospects.
Identify and pursue takedowns for malicious content across web, social media platforms, and mobile application stores, including impersonation accounts, fraudulent applications, and related abuse.
Perform targeted threat hunting to identify malicious domains, credential harvesting sites, fake login portals, and related attacker infrastructure across multiple modules.
Use OSINT tools and investigative techniques (WHOIS, DNS records, certificate transparency, search-based discovery, and infrastructure pivoting) to enrich findings and uncover related malicious activity.
Analyze suspicious websites, hosting infrastructure, DNS records, redirects, and related artifacts to detect attack patterns and emerging abuse trends.
Pursue takedown actions during active proof-of-concept (POC) evaluations and track each case through successful remediation.
Coordinate with registrars, hosting providers, and relevant abuse contacts to drive timely enforcement actions.
Monitor previously reported malicious infrastructure to confirm suspension and identify re-registration, reactivation, or attacker evasion attempts.
Support the Sales team with technical validation and threat intelligence during active POCs and evaluations.
Generate periodic and ad-hoc reports highlighting threat activity, detection insights, and remediation outcomes.
Qualifications
2+ years of experience in trust & safety or brand protection, with a focus on Pre-Sales.
Well versed with phishing, impersonation, credential harvesting, and online fraud activity, including investigative and reporting workflows.
Experience supporting technical evaluations, proof-of-concepts (POCs), or internal presales efforts is strongly preferred.
Understanding of internet infrastructure, including domains, DNS, hosting providers, redirects, and attacker infrastructure.
Knowledge of security and fraud detection principles and common attacker tactics, techniques, and procedures.
Self-motivated and detail-oriented with the ability to work independently as well as collaboratively.
Strong analytical and investigative mindset, including problem-solving and hypothesis-driven investigation.
Strong written and verbal communication skills with the ability to clearly document findings and summarize technical information internally.
Security certifications (Security+, GSEC, or similar) are a plus.
Willingness and openness to assist with time-sensitive investigations aligned with active presales evaluations or critical incidents.
Why Bolster?
Bolster builds a next-generation AI-powered fraud prevention and brand protection platform designed to detect and eliminate phishing, impersonation, and online scams at internet scale. Our platform protects enterprises from external digital threats across websites, social media, mobile apps, messaging platforms, and the dark web—helping organizations safeguard their brands and customers from rapidly evolving cyberattacks.
Bolster is trusted by leading global enterprises and Fortune 500 companies that rely on our technology to detect and automatically take down phishing and impersonation attacks in real time.
Our team brings deep cybersecurity expertise with decades of combined experience across leading technology and security organizations. Bolster is backed by leading investors including M12 (Microsoft’s venture fund), Thomvest Ventures, and Crosslink Capital, helping accelerate innovation in AI-driven threat protection.
Our AI and machine learning technology uses deep learning, computer vision, natural language processing, and large-scale threat intelligence to detect malicious infrastructure and automate takedowns with high accuracy and speed.
We also extend our technology to the broader community through CheckPhish (
https://checkphish.ai) — a free phishing and scam detection tool used by millions of security researchers, organizations, and consumers worldwide. The platform helps identify fraudulent websites and contributes valuable threat intelligence to strengthen Bolster’s detection models.
What we offer:
-Excellent medical, dental, and vision insurance
-Flexible time off + paid holidays.
-Equity + 401(k) plan
