Lead Cyber Threat Hunter

Data Science United States


Description

With the Securonix SNYPR platform, organizations can collect billions of events each day and analyze them in near real time to detect advanced persistent threats (APTs), insider threats, privilege account misuses and online fraud. 

Securonix pioneered the User and Entity Behavior Analytics (UEBA) market and holds patents in the use of behavioral algorithms to detect malicious activities. The Securonix SNYPR platform is built on big data Hadoop technologies and is infinitely scalable. Our platform is used by some of the largest organizations in the financial, healthcare, pharmaceutical, manufacturing, and federal sectors. 

We are a rocket ship startup, with great momentum, excellent position in the market, unicorn valuation, and high growth.  If you want to move fast and break things for a next generation security product with huge upside, read further!

Job Description

At Securonix, our data science and threat research teams put behavioral analysis first.  We believe that robust machine learning and statistical approaches are critical in the next generation of attack detection and response.  We also believe that real innovation happens when you have the right balance of skills on the team.  These skills include data science, engineering, and security expertise. That’s where you come in.  We are seeking an experienced, creative security researcher, who is deep into the mechanics of attacks, including exploit development, reverse engineering, living off the land, and the use of common attack tools such as Metasploit. 

The right person for this role is passionate about enterprise security and loves to break things.  This person revels in discovering new ways to attack an enterprise, in the spirit of developing new defenses.  This person also enjoys working with data scientists and engineers to produce data-driven detection and response solutions.  You don’t need to know the math, but you do need to enjoy working with those who do.  Finally, this person needs to have a product mindset, and seeks to drive new defensive solutions into our product.

Responsibilities include, but are not limited to:

  • Guide the data science team in the construction of new detection and response capabilities from an offensive security perspective
  • Innovate on new attack techniques that help us stay ahead of adversaries
  • Create and implement attack techniques on real world networks to generate data examples that the data scientists can use to study attacks
  • Aid the data science team in understanding real world attacks seen on our customers
  • Validate or invalidate prototype attack detections made by our team. Given a list of possible detections, tell us which are true, which are false, and why
  • Help set priorities for our research directions, focusing us on the most pressing threats.
  • Required Experience/Skills:
    First-hand knowledge of advanced adversary TTPs
  • 3-5 years of progressively responsible experience in threat hunting, full scope offensive operations, reverse engineering, vulnerability research, and OS internals
  • Experience with common attack tools such as Metasploit
  • Experience conducting living-off-the-land attacks on enterprise networks
  • Understanding of the current threat landscape and the different tactics commonly used by adversaries spanning multiple industries and threat profiles
  • Excellent interpersonal, organizational, writing, communications, and briefing skills
  • Exceptional analytical and problem-solving skills
Desired Skills:
  • Experience working with data science teams
  • Experience working on a SIEM, EDR, NDR, or XDR product research team
  • Experience with python, scripting, and the use of automation platforms
  • Familiarity with reverse engineering and vulnerability research
  • Mathematics, statistics, electrical engineering, or related interest/experience

 

Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.