Senior Threat Exploit Researcher
- Job Posting Locations:
- Houston, Texas
- Austin, Texas
- Dallas, Texas
- Remote, United States
- Cardiff, Wales
- Belfast, Northern Ireland
- Remote, United Kingdom
- Department: Threat Intelligence
- REQ #: 2767
About Alert Logic
Alert Logic® seamlessly connects an award-winning security platform, cutting-edge threat intelligence, and expert defenders – to provide the best security and peace of mind for your business 24/7 – at a lower total cost than point solutions, SIEM tools, or traditional security outsourcing vendors. We offer a new approach to evolving threats, expanding compliance risks, and resource constraints — helping you get the right level of security and compliance coverage across any environment. That’s SIEMless Threat Management. Only from Alert Logic.
Job Summary: Senior Threat Exploit Researcher
The Research team in Alert Logic acquires vulnerability and threat information from internal telemetry and external sources. Using this information, a Senior Threat Exploit Researcher is expected to learn independently on familiar and new subjects in order to understand and replicate these threats and propose detection methods for them. This includes advanced proof-of-concept attack simulation and development, malware analysis, and familiarity with a range of exploit options. The outcome of this work is channelled through a defined research process in order to produce the most accurate and effective detection coverage for the organisation. The senior researcher is also expected to contribute to knowledge sharing, training and project leadership.
- Analyse, translate, and document code behavior in a sanitized/isolated environment
- Document research and attack tools and systems
- Work with the Active Intelligence Team to perform proactive research to identify and characterise new and emerging threats, vulnerabilities, and the tactics, techniques and procedures used by threat actors in the wild.
- Work with internal teams to help prepare and protect Alert Logic’s customers against emerging threats.
- Individual project leadership and input to future project planning and development
- Training and subject area leadership and expertise within the team
- Performs other duties as assigned
Required Skills and Experience
- A passion for security and 3-4 years' experience following current trends and emerging threats in the industry
- Strong ethics and integrity
- Strong ability to independently identify and resolve critical and complex issues through effective problem-solving skills
- Dynamic, fast learner and versatile individual, willing to learn and explore the field of security research.
- Good communication and presentation skills, with the ability to present relevant data to varied audiences
- Ability to work independently with minimal supervision
- Ability to produce actionable research information for delivery to varied audiences in the form of technical reports, briefings, presentations and data feeds.
- Commitment to high quality and results driven mindset in all activities
- Have a working knowledge of diverse research methods and how to utilize methods to shape data gathering, analysis, and reporting
- Show attention to detail when examining data and communicating recommendations
- Provide sufficient technical detail to show data gathering and analysis to support recommendations
- Ability to understand the work needed to deliver a solution, and to recognise when a solution is sufficient and further work is not warranted
- Initiative in proposing solutions
- Experience in developing methods of tracking and projecting completion of work
- Management of several high-value topics simultaneously, with effective prioritisation
- Exceptional time management
- Demonstrable knowledge of attack tools and the cyber-offensive mindset
- Demonstrable advanced knowledge of operating system internals (Linux/Windows) and common applications
- Evidence of familiarity with deploying, managing and analysing open-source security tooling, and with the open-source ecosystem in general
- Network protocol/traffic analysis and debugging
- Evidence of experience with defensive tools such as IDS/WAF/SIEM technologies and their content
- Evidence of experience with automation, software testing and scripting
- Knowledge of application security assessments or penetration testing
- Knowledge of exploit reverse engineering and development, and of patch analysis
- Understanding of vulnerability mitigation strategies
- Experience of project management
Desired Skills and Experience
- Knowledge of malware operation and the Cyber Kill Chain
- Understanding of intrusive and disruptive software: viruses, worms, Trojans, rootkits, etc.
- Evidence of use of AWS tools and services
- Familiarity with debuggers, disassemblers, the Windows registry, and other reverse-engineering (RCE) tools
- Cryptographic algorithm design and review
- Virtual Machines and VM networking
- Familiarity with networking infrastructure equipment management and vulnerabilities (Cisco/Juniper etc.)
- First-hand experience in investigating/monitoring Dark Net activity
- Experience with Tor/I2P network use and setup
- IDS/IPS Signature development and testing
- Understand how to protect, monitor, and respond to network attacks, reconnaissance, and intrusions
- Log management (syslog/rotation)
- DevOps tool management (Chef/Puppet/Docker etc.)
- SQL Database usage
- Data science/statistics
- Experience working with remote team members and maintaining momentum in this environment
- Experience working on inter-team projects
- Some experience of team management
- Degree/Graduate level education (2:1 minimum) in Computer Science/Electrical Engineering or a related discipline
- Certifications in a security relevant domain, e.g. GCIA/GCIH/CISSP are desirable
Alert Logic is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please let us know.
Notice to recruitment agencies: Alert Logic does not accept unsolicited candidate resumes from recruiting agencies. We will not be liable for and will not pay placement fees for unsolicited resumes submitted to our jobs postings, employees or company locations.