Security Researcher

Job Description

Posted on: 
September 4, 2023

Vectra AI’s Security Research Team represents the core security knowledge and research capability within the company – tasked with powering our leading-edge technologies and aiding customers. As a member of the Vectra AI Security Research team, you will be part of a highly experienced organization and respected authority on security threats and attack techniques.


  • Resarch and understand attacker TTPs to remain current as a subject matter expert within Vectra
  • Research new threat detection technologies and investigate innovative approaches to finding attackers operating within customer environments
  • Collaborate across Vectra to identify, research, and develop new detection models – working hand-in-hand with members of data science, consulting services, and other product teams
  • Replicate attacker techniques and tooling to produce samples for use during detection development and for detection validation and gap identification
  • Pursue security research topics that contribute to the knowledge and enumeration of new threats, tactics, and techniques in network, cloud, and hybrid environments
  • Provide an attackers-eye-view to the evidence presented by Vectra products and educate customers to the technical nature of the threat

Job Requirements

  • 3+ years of attack and penetration testing experience in a network environment; or
  • 3+ years direct experience in areas of security research, malware analysis, or incident response
  • Knowledge of corporate security investigation and incident response processes, along with malware detection and mitigation technologies
  • Solid programming skills with scripting languages such as Python
  • Strong problem solving, troubleshooting and analysis skills
  • Excellent written and verbal communication skills
  • Excellent inter-personal and teamwork skills
  • Proactive, hard-working team player with a good sense of humor
  • Self-driven, able to efficiently work remotely without close supervision

Attack simulation experience;

  • Knowledgable of the Tools, Techniques, and Procedures of advanced threat actors
  • Proficiency with common attacker and red team tools and frameworks: Cobalt Strike, Metasploit, Empire, Mimikatz, impacket, CrackMapExec, etc.
  • Ability to realistically recreate advanced threat actor TTPs within controlled environments

Network experience:

  • Knowledgeable in network and application protocols, and traffic analysis (network forensics)
  • Proficiency with network traffic analysis and network forensics tools such as Wireshark and tcpdump
  • Proficiency with host forensics and memory analysis tools to study advanced threat actor activities
  • Strong knowledge of networking and network application concepts: TCP/IP, UDP, HTTP, TLS, FTP, RPC, DNS, SMB, Kerberos, etc.

Apply now

More job openings