Vectra’s Threat Labs represents the core security knowledge and research capability within the company – tasked with powering our leading-edge technologies and aiding customers. As a member of the Vectra Threat Labs team, you will be part of a highly experienced organization and respected authority on security threats and attack techniques.
Serving in the role of Senior Security Researcher - Cloud, you will have a direct impact on the direction of the company by researching threats, understanding how they appear in the cloud (IaaS, PaaS, SaaS) and helping technically shape the product direction. Some of the specific responsibilities include:
- Perform leading edge security research – malware analysis, cloud attack development, web-based threats, network/protocol analysis, etc. – and develop the detection capabilities forming the core of the product
Vectra offers the opportunity to be on the leading edge of cyber security – helping us grow a world-renowned security research organization. As the researcher tasked with inventing and improving cloud focused security detection technologies, you will be an integral part of our success.
When not working on new detection technologies, as a senior security researcher you are expected to research new security topics, engage in bug-hunts, and contribute to the community in a way that helps grow both your personal and company brands.
What You Will Do [Responsibilities]
- Identify and develop a deep understanding of cyberthreats facing cloud-enabled organizations
- Apply your expert insights and experience to research, develop, and classify new threats and related mitigation techniques
- Collaborate across Vectra to develop new detection models – working hand-in-hand with members of the data science and engineering teams
- Pursue security research topics that contribute to the knowledge about and enumeration of new threats
- Provide an attackers-eye-view to the evidence presented by Vectra products and educate customers to the technical nature of the threat
What You Will Need [Requirements]
- 5+ years direct experience in areas of security research, malware analysis, or cloud security architecture/development/analysis
- Deep understanding of cloud systems and security concepts for SaaS, IaaS, PaaS
- 5+ years of attack and penetration testing experience; or 5+ years of incident response and threat analysis experience
- Knowledge of exploitation techniques
- Knowledge of network and application protocols, and traffic analysis (network forensics)
- Proficiency with reverse engineering tools like standard debuggers, IDA pro, etc.
- Proficiency with network traffic analysis and network forensics tools such as Wireshark and tcpdump
- Knowledge of corporate security investigation and incident response processes, along with threat detection and mitigation technologies
- Solid programming skills with scripting languages such as Python and query languages like KQL
What Will Help You [Expectations]
- Professional or academic research in advanced security threats, particularly against cloud environments
- Operational experience in infosec as an incident handler, administrator, or internal consultant
- Experience with big data technologies such as Azure ADX, Amazon Redshift or Athena, Hadoop, Spark
- Participation in the broader infosec community with requisite contacts and access to external intelligence sources
- Understanding the lifecycle and economics of modern malware and advanced threats
- Strong problem solving, troubleshooting and analysis skills
- Excellent written and verbal communication skills
- Excellent inter-personal and teamwork skills
- Proactive, hard-working team player with a good sense of humor
- Self-driven, able to efficiently work remotely without close supervision