Principal Security Engineer - Data Science

Engineering - (Seattle, WA) Seattle, Washington


Description

Gigamon’s Applied Threat Research team is seeking a Principal Security Engineer with a focus on Data Science to play a vital role in advancing our security and detection strategy. The person in this role will work directly with our intelligence and detection teams to understand how they can leverage complex data analytics to enable discovery, detection, and response with Gigamon Insight, a SaaS-based product for network detection and response. Ideally, the candidate has experience applying data science techniques to security use cases and has a thorough understanding of data analytics, data engineering, and machine learning to lead projects independently. Alternatively, the candidate should have a strong network security background with an expert understanding of threats and a passion for leveraging network data for detection.

If you love working with a top-tier research team to solve difficult problems, combat threats and protect customers while also working in a fast-growing dynamic organization, then this is the place for you!  

Responsibilities 

  • Conduct exploratory data analysis utilizing internal data from Gigamon Insight as well as external datasets collected by our intelligence team. 
  • Identify opportunities to improve user experience or security capability of the Gigamon Insight product using data analytics.  
  • Research, develop and maintain expert-system-based and behavioral-based detection algorithms. Utilize supervised, semi-supervised, and unsupervised machine learning, with a distinct focus on classification and pattern-matching for the purpose of detection.
  • Collaborate and communicate with the intelligence and detection team to identify particular attacker behaviors that might be suitable for identification using data analytics.   
  • Research and develop capabilities to improve incident investigation processes and capability in the Gigamon Insight product.  
  • Support Gigamon Insight’s engineering team in exposing the output of complex data analytics while maintaining an excellent user experience.   

Desired Skills and Experiences

    • BS in Data Science or Computer Science (or similar field).  
    • 7+ years experience with Data Science (or relevant experience). 
    • Preferred 3+ years experience in a security operations role 
    • Experience interacting with and leveraging large data stores as part of a data engineering process (S3, Parquet).
    • Experience working with data processing pipelines (Hadoop, Spark). 
    • Ability to leverage scripting or programming languages in an applied manner to solve technical problems and prototype solutions. (SQL, Scala, Java, Python) 
    • Experience with data visualization tools and techniques to assist in scalable analysis (Tableau, matplotlib, plotly).
    • Experience with applying one or more machine learning toolkits to achieve objectives in data analysis (sklearn, R, etc.).
    • Preferred experience with probabilistic modeling tools. 
    • Interest in mentoring and developing junior employees in subject matter expertise, specifically applying aspects of data analytics to daily operations. 
    • Desire to lead and drive multiple internal projects in a fast-paced environment. Must be highly responsible to the demands of a distributed team and be able to build structure and process out of chaos.  
    • Outstanding communicator with the ability to clearly convey complex ideas and data (in written and spoken formats) to, and influence, an audience including internal stakeholders and executive leadership.
    • Ability to learn fast and scale with the demands of a fast-growing organization 

About ATR:

The Gigamon Applied Threat Research (ATR) team’s mission is to dismantle the ability of an adversary to impact our customers. Our team of expert security researchers, engineers and analysts focuses on continuous research of threat actors and emerging attack techniques while building detection and investigation capabilities leveraging the Gigamon Insight network telemetry and intelligence datasets. The team has the following core functions:

    • Threat Intelligence – Research threats to inform detection engineering efforts 
    • Detection Engineering – Research, build, and maintain high quality detection capabilities for Gigamon Insight 
    • Security Engineering - Act as User Zero for Gigamon Insight. Research, prototype and validate future functionality for detection and investigation capabilities