Talos Research Engineer Team Lead

  • Location:
  • Area of Interest
    Engineer - Software
  • Job Type
  • Technology Interest
  • Job Id

TALOS wants YOU!  As a team lead in the TALOS Detection Response Team, you will lead a team of subject matter experts in a wide range of fields & technologies, as well as newbies fresh out of college or the local CTF competition! You and your team will research vulnerabilities in software and network protocols, how they are exploited, be responsible for creation of detection content for the technologies TALOS supports, and act as a trusted security partner within the TALOS organization and Cisco.  Your team will take Proof-of-Concepts (PoC), verify they exploit the vulnerable condition, create a PCAP of the network traffic during exploitation, and write detection content, while not generating False Positives. You will lead your team from the front as they aggressively pursue TALOS’ goal: pissing off the bad guys!

Role & Responsibilities:

·       Oversee a team not to exceed 6 Analysts to:

·       Ensure work performed aligns with team’s goals as collaboratively determined with TALOS Management

·       Re-align work of team members quickly in the face of newly emergent threats/priorities

·       Produce reporting on team goal setting and satisfaction to TALOS Management

·       Organize and manage administrative tasks to minimize their impact on team members

·       Serve as conduit for team members to communicate with organizations / teams outside of TALOS

·       Analyze 0days and new security threats and tools

·       Analyze malware samples using static/dynamic analysis, debuggers

·       Create advanced detection content for Snort, ClamAV, AMP, and Security Intelligence

·       Write detailed technical advisories on new vulnerabilities

·       Capture network traces from exploits for testing IPS and IDS security effectiveness

·       Develop small tools as necessary (this is not a software development position)

Minimum Qualifications:

·       Four years work experience in the security industry

·       Solid base knowledge of networking, transport, and application layer protocols, such as IP, TCP, UDP, and HTTP, SMTP, POP, IMAP, SIP, and SSL

·       Experience with vulnerability analysis

·       Experience with common methods of exploitation, such as Buffer Overflows, Cross-site Scripting, Cross-site Forgery, and Reflection Attacks

·       Experience with the structure of common file formats, such as PDF, DOC, and SWF

·       Familiarity with structures in memory, such as the Stack and the Heap

·       Experience with OllyDbg or IDA Pro

·       Experience working in both Windows and Linux

·       Experience with network traffic dissectors such as Wireshark

·       Experience with Perl, Python, or Ruby

·       Experience with snort rules language

Desired Skills:

·       Excellent technical writing skills

·       Superb Analytical and problem solving skills

·       Superb organization, decision-making, and verbal and written communication skills

·       Ability to work independently with minimum supervision and take on additional tasks as required

·       Ability to lead a small team to solve complex problems

Preferred Qualifications:

  • Bachelor’s degree in Computer Science, Cyber Security, or other tech-related degree