Security Research Engineer
Work type: Full-time
We are looking for a Security Researcher with a passion for cyber-attack analysis and research, hacking, and broad experience in protecting endpoints and networks from digital threats to work on our AI EdgelLabs product. You will be responsible for innovating new features and techniques that bring advanced malware protection, early threat detection, and automated incident response in the Linux-based edge servers and IoT environment (“edge computing”). You will work in the AI & Cybersecurity team closely with the Engineering and Product teams.
Essential position responsibilities:
- Perform research, analysis, design, testing and implementation of medium to complex Linux-based Edge and IOT network security and protection technologies.
- Conduct in-depth analysis of malware threats to identify key characteristics and behavior, and develop signatures, rules, and indicators of compromise (IOCs) to detect and block them.
- Develop and maintain tools and techniques for detecting and analyzing malware, including custom scripts, plugins, and sandboxes.
- Conduct research and analysis on network traffic and payloads to identify and analyze malicious activity and threats.
- Collect and prepare data sets for use in machine learning models, ensuring that they are representative, accurate, and relevant to the malware threats being analyzed.
- Work closely with data scientists and machine learning engineers to develop, test, and deploy machine learning models and algorithms for malware detection and classification.
- Continuously assess the effectiveness of existing security solutions and technologies, and make recommendations for improvements based on analysis of real-world threats and trends.
- Review and analyze security vulnerabilities for the customers’ Edge and IOT networks, application systems, hardware infrastructure and emerging technologies to improve the enterprise information security posture.
- Perform and design security incident response activities and technical investigations of information security-related incidents to help train autonomous Cyber AI.
- Perform tests on networking devices, appliance products and web-based applications.
- Present recommendations to the line of business on the inherent risks, providing meaningful mitigation strategies.
- Collaborate and consult with peers, colleagues, and managers to resolve product issues and achieve goals.
- Provide guidance and leadership to other security researchers and act as a mentor for these engineers.
- 3+ years of Cyber Security Research experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.
- In-depth knowledge of malware analysis tools and techniques, including dynamic and static analysis, reverse engineering, and memory forensics.
- Experience with malware sandboxing tools and virtual machines.
- Hands-on experience in pentesting and hacking. Familiarity with vulnerability assessment and penetration testing tools such as Metasploit, Nmap or Burp Suite.
- Solid knowledge of the TCP/IP stack and networking technologies.
- Experience with network security technologies, including firewalls, intrusion detection/prevention systems, and endpoint protection solutions.
- Basic knowledge of security issues associated with containers, Kubernetes, Distributed Systems, and Linux of large-scale web applications.
- Hands-on programming experience in Python, Golang, Bash, or any other programming language.
- Knowledge of the MITRE ATT&CK framework and Cyber Kill Chain.
- Experience building IoT/OT, Edge, and network security solutions.
Would be a big plus:
- Knowledge and understanding of vulnerability identification and remediation.
- Experience with managing security aspects of cloud infrastructures and applications.
- Strong knowledge of IoT cloud networking architecture, operations, security.
- Knowledge and understanding of information security industry standards and government regulations.