Security Researcher
Location
Remote
Level
Senior
Department
Research
Type
Full-Time
Salary
Job Description
Posted on:
September 4, 2023
Vectra AI’s Security Research Team represents the core security knowledge and research capability within the company – tasked with powering our leading-edge technologies and aiding customers. As a member of the Vectra AI Security Research team, you will be part of a highly experienced organization and respected authority on security threats and attack techniques.
Responsibilities
- Research and understand attacker TTPs to remain current as a subject matter expert within Vectra
- Research new threat detection technologies and investigate innovative approaches to finding attackers operating within customer environments
- Collaborate across Vectra to identify, research, and develop new detection models – working hand-in-hand with members of data science, consulting services, and other product teams
- Replicate attacker techniques and tooling to produce samples for use during detection development and for detection validation and gap identification
- Pursue security research topics that contribute to the knowledge and enumeration of new threats, tactics, and techniques in network, cloud, and hybrid environments
- Provide an attacker's-eye view of the evidence presented by Vectra products and educate customers on the technical nature of the threat
Job Requirements
- 3+ years of attack and penetration testing experience in a network environment; or
- 3+ years direct experience in areas of security research, malware analysis, or incident response
- Knowledge of corporate security investigation and incident response processes, along with malware detection and mitigation technologies
- Solid programming skills with scripting languages such as Python
- Strong problem solving, troubleshooting and analysis skills
- Excellent written and verbal communication skills
- Excellent interpersonal and teamwork skills
- Proactive, hard-working team player with a good sense of humor
- Self-driven, able to efficiently work remotely without close supervision
Attack simulation experience:
- Knowledgeable of the Tools, Techniques, and Procedures of advanced threat actors
- Proficiency with common attacker and red team tools and frameworks: Cobalt Strike, Metasploit, Empire, Mimikatz, impacket, CrackMapExec, etc.
- Ability to realistically recreate advanced threat actor TTPs within controlled environments
Network experience:
- Knowledgeable in network and application protocols, and traffic analysis (network forensics)
- Proficiency with network traffic analysis and network forensics tools such as Wireshark and tcpdump
- Proficiency with host forensics and memory analysis tools to study advanced threat actor activities
- Strong knowledge of networking and network application concepts: TCP/IP, UDP, HTTP, TLS, FTP, RPC, DNS, SMB, Kerberos, etc.