Security Researcher - Threat Intelligence

  • Category: Research & Development
  • Team: Security Research
  • Location: Waterloo, Ontario

Description

Position at Trustwave

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. Offering a comprehensive portfolio of managed security services, consulting and professional services, and data protection technology, Trustwave helps businesses embrace digital transformation securely. Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.

As a Security Researcher on the SpiderLabs Threat Intelligence team, you will be a key team member responsible for maintaining and expanding our Threat Intelligence program. This will include monitoring existing TI feeds and identifying new feeds and data exchange relationships. Additionally, you will help supplement and enrich our TI through correlation as well as expand the use of our TI across internal departments. The Security Researcher should have a passion for keeping on top of and analyzing new cyber threats.

Responsibilities:

  • Research and identify high confidence Threat Intel and IoC feeds
  • Map out correlations in existing feeds and with other external Trustwave Datastores
  • Identify Threat Intel gaps and use-cases across Trustwave software and services offerings
  • Work with other research teams and the engineering team to define new TI features in the Trustwave Fusion Platform


Requirements:

  • Experience with Threat feeds and IoCs
  • Expertise in network and host-based security threats
  • Expertise in keeping on top of emerging threats and trends
  • Experience with Elasticsearch
  • Familiarity with SIEM systems
  • Familiarity with STIX/TAXII and other TI formats and ingestion protocols
  • Self-motivated with the ability to work on projects with minimal oversight
  • Must possess strong written and verbal communication skills


Additional Plus Competencies:

  • Experience in MISP
  • Experience with AWS environments
  • Experience with a scripting language, preferably Python
  • Experience with vulnerability discovery and disclosure
  • Experience with IDS systems and familiarity with Snort/Suricata rule writing
  • Experience and willingness to write technical blog posts (See http://blog.spiderlabs.com/)


Education:
We prefer college-educated applicants, but at minimum, a high school diploma or equivalent is required for employment.

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate who is submitted outside of this policy is hired, no fee or payment of any kind will be paid.
