Vulnerability Analyst & Researcher
Austin, Texas, US
- ADDITIONAL LOCATION(S)
- AREA OF INTEREST
Engineer – Software
- JOB TYPE
- TECHNOLOGY INTEREST
- JOB ID
Cisco enjoys a unique position and is leveraging an unprecedented capability to secure the network through intelligence derived from data collected on a global scale. The ThreatGrid and Cisco AMP teams are leading the way in their capacity to invent, prove-out, and enable new technologies in big data analytics and threat intelligence.
Who You’ll Work With
The Research & Efficacy Team is composed of highly skilled individuals who are comfortable working in a fast paced and technically challenging environment. The AMP Research and Efficacy Team are tasked with improving the detection and alerting capabilities of the AMP for Endpoints and Threat Grid product lines. Part of this work includes researching malware, attack and exploitation methods in order to generate Indicators and signatures for alerting within both products.
What You’ll Do
- Review and triage endpoint telemetry related to exploit prevention engine.
- Interface Directly with Tier 3 support team to provide resolution of issues with detections and other support cases.
- Triage and aid in the remediation of False Positive and False Negative triggers covering the AMP architecture.
- Produce & analyze clustered crash dumps to produce contextual events and reporting delivered to customers.
- Identify benign or normal activity in recorded execution of software
Who You Are
- Knowledge of operating system internals including Windows
- Prior knowledge or experience with Exploit development or Analysis.
- Ability to Read and comprehend Windows crash dumps.
- Ability and prior experiencing in writing and validation of threat signatures
- Scripting or programming experience (Python preferred)
- Excellent communication skills
- Ability to articulate technical issues
Nice to have
- Reverse Engineering and experience with IDA Pro, WinDbg, OllyDbg
- Data Mining and interpretation skills
- Experience in and knowledge of Clojure
- Background or knowledge of Quality Assurance