Security Research Engineer (Talos, US Remote)
Location:Offsite, Allen, Texas, US
Alternate LocationRemote United States
Area of InterestSecurity
Compensation Range104100 USD - 155100 USD
- Research security threats, attacker techniques and tools, 0-day vulnerabilities
- Create advanced signatures and detection content for Snort, ClamAV, AMP, and other Cisco products
- Write in-depth technical advisories about threats and signatures
- Capture network traffic from threats for testing IPS and IDS security effectiveness
- Analyze malware samples and vulnerable binaries using static/dynamic analysis, debuggers
- Experience with vulnerability analysis and/or common methods of exploiting vulnerabilities in web applications, or network protocols, or binary applications
- Experience using packet analysis tools like Wireshark to analyze common network protocols such as: HTTP/TLS, SMB, DNS, LDAP
- Experience with a compiled language (e.g., C, C++, Rust, Go) and a scripting language (e.g., Python, Ruby, Perl)
- Experience with reverse engineering, malware analysis, and relevant tools (e.g., IDA Pro, Binary Ninja, Ghidra, radare2, x64dbg, WinDbg, OllyDbg), as well as analyzing assembly code and identifying code patterns in disassembled binaries
- In-depth experience with vulnerability analysis and common methods of exploiting vulnerabilities, such as Buffer Overflows, Cross-Site Request Forgery, Use-After-Free, XXE
- Experience with the structure of common file formats, such as PDF, MS Office, EXE, ELF, and an ability to identify anomalies using popular file-analysis tools such as 010 Editor
- Knowledge of operating system internals and familiarity with concepts such as: application memory layout, C runtime or OS-related functions, kernel vs user space functionality
- Familiarity with asymmetric ciphers (ECC, Diffie-Hellman, etc.), symmetric ciphers (AES, DES, etc.), and hashing algorithms (MD5, SHA256, etc.)
- 2+ years of related industry experience in roles like: incident response, intrusion detection, forensic analysis, pentesting or red teaming, or vulnerability development
- Experience with Snort rules language
- Bachelors degree or equivalent experience
When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.
U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday. Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO. We offer additional paid time to volunteer and give back to the community. Employees are also able to purchase company stock through our Employee Stock Purchase Program.
Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco pays at the standard rate of 1% of incentive target for each 1% revenue attainment against the quota up to 100%. Once performance exceeds 100% quota attainment, incentive rates may increase up to five times the standard rate with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.