Job Description
About the job Cyber Threat Investigator - QY7475Y9
The client's mission is to protect the worlds most sensitive data by equipping organizations to detect, investigate and stop advanced cyber-attacks.
Attackers are relentless and clever. They hide their exploits deep inside networks, email and endpoints. They dig as deep as attackers hide. With it, customers will know when they are being attacked, and they can retrace attackers steps and freeze them in their tracks.
The elite team of incident responders is in the trenches every day assisting customers to manage their way through critical security incidents of all kinds. This seat on the front lines gives us a unique view to see what works and what doesnt when it comes to keeping attackers at bay.
Take a seat with our preeminent team and be a part of our mission to give our customers the power to combat todays sophisticated advanced threats with a robust, comprehensive portfolio of products, services, and expertise.
Join a team where you can make a difference! What about the project? The client, the industry innovator in proactive cyber defense solutions, safeguards modern IT environments with unparalleled detection, deception, response, cloud security, and compliance capabilities. We offer full visibility across hybrid environments via rich, dynamic cyber terrain mapping and multi-faceted context and risk assessment.
These features help minimize attackable surface areas, automate exposure prevention, threat-detection, and incident response, and provide the context, accuracy, speed, and portability security professionals need to find and neutralize adversaries earlier in the attack lifecycle.
With this company, organizations remain resilient before and throughout cyber-attacks and emerge stronger and more secure.
We are looking for a Threat Researcher to help fuel our cutting-edge NDR and Cloud products that defend organizations from a variety of cyber threats.
Requirements: - Experience authoring rules using YARA/Snort/Suricata and Bash scripting
- Expert knowledge of network fundamentals and protocols ( SMTP, DNS, SMB, etc) is required
- Experience with Bash/Shell scripting
- Experience with network and packet analysis using tools such as Wireshark
- Previous experience within the cybersecurity industry
- Able to work independently on tasks within a team environment
Nice to have: - Experience working with security benchmarks such as CIS benchmarks
- Understanding of the adversary tactics and techniques frameworks
- Experience with incident response and documentation is strongly desired
- Experience writing malware detection and prevention rules is applications such as Suricata, and YARA
- Degree in Computer Science or equivalent
- Reverse engineering experience
Responsibilities: - Keep up to date on the latest information security threats
- Create rules based on CIS benchmarks of various operating systems, to feed our product
- Understand tactics and techniques, C2 patterns and indicators of compromise
- Create multi-layered countermeasures for the Fidelis Elevate product site including NDR and cloud
- Create rules for our NDR product to detect malicious activities on the network level
- Document findings and creating blog posts related to malware analysis and detections
Diversity is important to us: At the heart of our company is a diverse group of employees who rely on their intimate knowledge of customer requirements and a unique blend of skill and innovation to develop and deliver the best possible products and services. The company encourages the inclusion of all people and a work environment free from discrimination.
They are dedicated to the principles of equal employment and advancement of people based on their individual qualifications, skills and abilities. This commitment is supported by policies and procedures that foster a nondiscriminatory workplace. Guided by a rigorous code of ethics that is applied with integrity, these fundamental characteristics are reflected throughout our organization and are key components of the strength we deliver to our customers.
Looking forward to get in touch with you! AMS Accelerate IT
Job Tags