Security Research Engineer

  • Location:
    Offsite, Fulton, Maryland, US
  • Alternate Location
    Remote United States
  • Area of Interest
    Security
  • Compensation Range
    94600 USD - 186800 USD
  • Job Type
    Professional
  • Technology Interest
    Security
  • Job Id
    1387600
Location:  This position can be fully Remote in the United States.

The Talos Detection Response Team creates network and endpoint signatures that are distributed world-wide to multiple products in Cisco's security portfolio and the open-source community. 
 
In this position you will create detection content for vulnerabilities in a variety of Cisco and non-Cisco products. Understanding these vulnerabilities may come from reviewing technical reports, reading code diffs, or generating network traffic from proofs of concept. Once released, these protections directly impact the security of people and organizations around the globe. With time and experience, you may have the opportunity to conduct in-depth research on novel threats, create tooling that forwards the mission of the team, and mentor junior team members.
 
If you're a tenacious learner, have an excruciating interest in detail, and want to expand your career in information security, this may be the right role for you.
 
Role and Responsibilities: 
  • Research security threats, attacker techniques and tools, 0-day vulnerabilities 
  • Create advanced signatures and detection content for Snort, ClamAV, AMP, and other Cisco products 
  • Write in-depth technical advisories about threats and signatures 
  • Capture network traffic from threats for testing IPS and IDS security effectiveness 
  • Analyze malware samples and vulnerable binaries using static/dynamic analysis, debuggers 
Minimum Qualifications: 
  • In-depth experience with vulnerability analysis and common methods of exploiting vulnerabilities, such as Buffer Overflows, Cross-Site Request Forgery, Use-After-Free, XXE 
  • Extensive knowledge in network traffic analysis using tools such as Wireshark 
  • Solid knowledge of network, transport, and application layer protocols, such as IP, TCP, LDAP, TLS, RDP, SMB 
  • Experience with a compiled language (e.g. C, C++, Rust, Go) and a scripting language (e.g. Python, Ruby, Perl) 
  • Experience with the structure of common file formats, such as PDF, MS Office, EXE, ELF 
  • Experience with reverse engineering, malware analysis, and relevant tools (e.g. IDA Pro, Binary Ninja, Ghidra, radare2, x64dbg, WinDbg, OllyDbg) 
  • Experience analyzing assembly code and identifying code patterns in disassembled binaries 
  • Familiarity with the memory layout and different segments of a running process, such as the stack and the heap 
  • Basic knowledge of Windows and Linux internals 
  • Solid technical writing skills 
  • Ability to work independently with minimum supervision and in a small team, taking on additional tasks as required 
  • 5 years of work experience in the security industry 
  • Typically, Bachelor's + 5 years related experience or Master's + 3 years related experience or equivalent experience.
Preferred Qualifications: 
  • Familiarity with asymmetric ciphers (ECC, Diffie-Hellman, etc), symmetric ciphers (AES, DES, etc), and hashing algorithms (MD5, SHA256, etc) 
  • Experience with Snort rules language 
  • Experience with intrusion detection or forensic analysis 
  • Bachelor’s degree in Computer Science, Cyber Security, or other tech-related degree 

Why Cisco Secure
#WeAreCisco, where each person is unique. We bring our talents to work as a team each day, helping power an inclusive future for all. Get to know us!

We're global, we're adaptable, we're diverse, and our security portfolio is as extensive as it is groundbreaking. Have you heard of Threat, Detection & Response, Zero Trust by Duo, Common Services Engineering, or Cloud & Network Security? Those are only a few of our product teams! The only thing we're missing is YOU.

Join an enterprise security leader with a start-up culture, committed to driving innovation and giving you the opportunity to make an impact. We #InnovateToWin and we know we're better together; that's why we're dedicated to inclusivity, collaboration, and diversity in everything we do.

We're proud to be the Best Security Company in 2021 with the Best Authentication Technology and the Best Small and Mid-Size Enterprises Security Solution in 2022 by SC Media. Cisco Secure continues to grow and evolve year after year with 100% of Fortune 100 Companies using our products, and we're excited to see the new heights we'll reach with your passion for security, your customer focus, and your desire to change things up!

What else can you expect? An ongoing investment in your growth: that's why we offer many employee resource groups (called Inclusive Communities), mentorship programs, and hundreds of learning resources to consistently level up your skillset and explore your interests. Because when you succeed, we succeed!

"Cisco Secure offers an environment that combines cutting-edge, mission-critical technology with some of the brightest, most diverse set of people I've ever had the pleasure of working with." - Chief of Staff, Engineering
Join Cisco Secure - Be You, With Us!


Message to applicants applying to work in the U.S.:

When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday. Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO. We offer additional paid time to volunteer and give back to the community. Employees are also able to purchase company stock through our Employee Stock Purchase Program.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco pays at the standard rate of 1% of incentive target for each 1% revenue attainment against the quota up to 100%. Once performance exceeds 100% quota attainment, incentive rates may increase up to five times the standard rate with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.
