Engineer, Threat Research
Qualys is looking for threat researchers who can leverage their experience and expertise to identify and analyze threats, produce original research publications, and work with engineering teams to provide a feedback and related insights into a multitude of Qualys products.
You will be a member of the Qualys Threat Research Team, a team of threat researchers working together to solve security challenges in new and innovative methods. The team is responsible for leading and conducting research related to adversary attack tactics and techniques, threat actor groups and campaign activity. The primary output of the Threat Research Team is security content for Qualys products, blog posts, and conference presentations via researching the latest tactics, techniques, and procedures leveraged by adversaries. The Threat Research Team also works closely with the security, malware research, product, and engineering teams to develop novel protection strategies against emerging cybersecurity threats.
- Monitor, analyze and research emerging cyber threats, vulnerabilities, and exploits to identify novel TTPs and their related mitigations.
- Produce and test rules for hunting and enrichment
- Analyze threat attack life-cycle including its behavior, modus operandi and objectives.
- Follow an exhaustive approach involving intelligence collection, signature creation, and initial malware analysis.
- Research new methods and technologies to detect cyber threats, identify signals, and design approaches to use these signals to identify security threats and security breaches.
- Develop tools to automate and scale detection and response activities
- Writing detailed technical blog posts about the threats and TTPs discovered.
- Collaborate with other teams in developing and adding cross-product intelligence.
- B.E./B.Tech/M.Tech Computer Science/MCA/MCS from a reputed institution.
- Certifications in Computer Security domains are desired.
3+ years of relevant technical experience
- Expertise in MITRE ATT&CK and EDR/XDR technologies.
- Well groomed working knowledge of SIEM products.
- Experience with threat hunting, incident response, or security operations
- Experience with common threat intelligence tools, such as VirusTotal, Shodan, etc.
- Understanding of security controls, forensics, kill chain analysis, risk assessment and security metrics.
- Ability to perform initial static and dynamic malware analysis.
- Understanding of reverse engineering techniques.
- Knowledge of networking and the TCP/IP stack.
- Knowledge of programming or scripting languages.
- Knowledge of networking protocols and application file formats like PE, OLE files, and operating system internals.
- Excellent written and verbal communication.
- 'Can-do' attitude and great problem-solving skills.
- Adapt to changing priorities and quickly come up with innovative solutions.
- Take initiatives and work with minimal supervision.
- Act as a go-to person for your area of expertise.