Threat Researcher - Protectwise, Inc. Denver, CO, United States Bookmark Share Print 175 1 9

Listing Description

As a member of the Threat Management and Research team, you will be responsible for developing innovative threat detection techniques utilizing forward leaning technologies. You will have the chance to conduct research and hunt for threats on one of the world’s largest PCAP haystacks. You are analytical, detail oriented, and passionate about redefining the threat detection status quo.

You will:

- Design and implement methods to detect attacker activity in network traffic on both a tactical and strategic level.

- Perform network-based forensics on a massive PCAP dataset.

- Develop network indicators through research, malware analysis, and network forensics.

- Manage, validate, and classify threat intelligence from a variety of sources.

- Research new threats and attacker techniques.

- Blog and conduct webinars about interesting findings and innovative detection techniques.

- Hunt for new threats and track high level attacker trends.- Strong knowledge of network protocols, network analysis tools, and network architecture.

- Ability to analyze raw PCAP data to validate security events, interpret network traffic, and extract indicators.

- Perform basic malware analysis to develop network based indicators and custom protocol decoders.

- Knowledge of common attacker tools, malware families, and known attacker group TTPs.

- Ability to write tools and automate tasks in scripting languages such as Python.

- Experience hunting for unknown threats, as well as tracking existing campaigns and adversaries to see how they evolve over time.

- Experience writing snort/suricata signatures.

- BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field; or, relevant work experience.