Security Researcher

  • Location:
    Offsite, San Jose, California, US
  • Area of Interest
    Security
  • Job Type
    Professional
  • Technology Interest
    Security
  • Job Id
    1375823

  • Security Researcher- This position is fully Remote in the United States.

      

    Who You’ll Work With

    The Threat Research team is a multinational group of security researchers. We invent novel approaches to detecting phishing and malware attacks and other threats, both in small groups and by working independently to build detection content and proof-of-concept models. These models can transition to internally supported tools or to Talos development teams to be hardened and further developed for ingestion by Cisco products as part of Talos intelligence.

     

    Who You Are, What You’ll Do

    Good pattern recognition: identifying and anticipating new threats

    Dependable judgment and attentive to details

    Rapid prototyping of code to automate newly discovered threat patterns seen in malware, attacker techniques, network or endpoint telemetry

    Maintaining and bolstering our products’ high catch rate for threats

    Collaboration with similarly innovative interdisciplinary teams to meet efficacy goals

    Stay up to date on malware trends, perform malware analysis and hunt for patterns in telemetry, as necessary, to understand detection issues and possible solutions at initial access vectors, on endpoints, and from within network telemetry

     

    Desired Experience and Qualifications

    • Experience analyzing malicious documents, obfuscated scripts and dynamic malware analysis
    • Experience in any of: IT, machine learning, security, malware research, software development
    • Networking basics
    • Understanding of malware attack chains at the endpoint and network levels
    • Understanding of malware families, MITRE ATT&CK and commonly exploited CVEs
    • Experience building solutions to increase the efficiacy of malware or phishiing detection
    • Proficiency in Python development, scripting and automation
    • Shell scripting (bash, awk, sed, etc.)
    • Regular experience using a UNIX command line
    • Comfortable with regular expressions
    • Exploring obfuscated HTML/CSS/JS
    • Flexible and adaptable, able to pursue multiple separate tasks
    • Experience with writing signatures such as YARA, SNORT
    • Threat hunting and incident response familiarty that can be applied to creating detections
    • Experience with AWS
    • Experience with Docker containers

     

    Bonus Skills

    • Familiarity or interest in any combination of these is helpful
    • Experience with Kubernetes
    • Big data tools (Elasticsearch/ELK, HBase)
    • Familiar with relational databases
    • Statistics, probability, and machine learning
    • Fluent in reading non-English language(s)
    • Reverse engineering malware or domain generation algorithms

    Why Cisco?

    At Cisco, each person brings their unique talents to work as a team and make a difference. Yes, our technology changes the way the world works, lives, plays and learns, but our edge comes from our people.

    We connect everything – people, process, data and things – and we use those connections to change our world for the better.

    We innovate everywhere - From launching a new era of networking that adapts, learns and protects, to building Cisco Services that accelerate businesses and business results. Our technology powers entertainment, retail, healthcare, education and more – from Smart Cities to your everyday devices.

    We benefit everyone - We do all of this while striving for a culture that empowers every person to be the difference, at work and in our communities.

    Colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Be you, with us! #WeAreCisco

    Cisco is proud to be an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. 

    We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

    We see inclusion and diversity as essential to fueling the power of connection. Learn about inclusion and collaboration in action at Cisco. Diversity, Inclusion and Collaboration at Cisco

    Benefits and Perks

    We strive to keep our teams happy and healthy. Many roles have the option to be Remote or Hybrid. Cisco provides competitive pay, excellent medical, dental and vision coverage, 401(k) match, 20 days of paid time off plus holidays, support for parents and paid time to volunteer. View the benefits overview. Benefits and Perks - Cisco

    Join us! #WeAreCisco

    Cisco Covid-19 Vaccination Policy

    The health and safety of Cisco's employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco requires all new hires to be fully vaccinated against COVID-19 in the U.S., unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.


Cisco Covid-19 Vaccination Requirements
The health and safety of Cisco's employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.

Share