Full-Time - Staff Threat Research Engineer
Job Description
Threat Research Engineer
Responsibilities:
· Responsible for providing technical leadership focused on information security architecture.
· Evaluate and analyze suspected malicious code using forensic tools, disassemblers, debuggers, hex editors, unpackers, virtual machines, and network sniffers.
· Research trends in various technologies used in the area of malicious content, vulnerability assessment, exploitation tactics, and penetration testing.
· Analyze event logs/system logs from Windows Operating Systems, Unix/Linux Operating Systems, Cisco PIX/Switches/Routers, and Wireshark/Ethereal network captures, and define log correlation rules to identify malicious activities.
· Design policies that intercept threats and other network attacks.
· Develop procedures to investigate threat incidents for the entire computer network.
· Perform forensic investigations as necessary.
· Create technical reports that include details of the threats, identification parameters, advanced capabilities, and mitigation strategies.
Requirements:
· Candidate must possess at least a Bachelor’s/College Degree in Engineering (Computer/Telecommunication), Computer Science/Information Technology or equivalent.
· At least 3 years of experience in systems and server administration in a large multi-platform setup (Windows, Unix-based).
· Applied knowledge of Internet tools and services (DNS, DHCP, Telnet, FTP, HTTP, SSH, SSL, SMTP, SQL, Apache, and IIS).
· Applied knowledge of automation tools and scripting (VBScript, JavaScript, PHP, Perl, Python, Ruby).
Preferred Skills/Experience
· Experience with and knowledge of OS hardening is an advantage.
· Familiarity with network architecture and security infrastructure placement.
· Knowledge of and experience with intrusion detection systems (e.g., Snort) and tools (e.g., tcpdump, Wireshark), plus log and packet analysis, are good to have.
· Network-related certifications are a plus.