Listing Description
Have you spent time hunting threats inside and outside networks? Developed and tracked activity groups? Want to use those skills to hunt those who threaten civilization? Want to catch and expose threats targeting power plants, water, manufacturing systems, and other industrial control systems? Dragos threat intelligence works to discover these threats, develop innovative analytics for detection, support investigations and incident response, and provide customers with world-class situational awareness.
Unlike many other teams with a broader mission, we focus solely on operational threats to industrial control networks; this gives our analysts the time and space necessary to do world-class research and intelligence on the most advanced and significant threats in the world. Most analysts as they progress in their career are required to increase their scope thereby losing many critical skills – this is an opportunity for experienced analysts to drop back down into a highly technical and specific area of critical importance becoming one of the few ICS threat hunters in the world. A rare opportunity for many.
At Dragos, we are not traditional intelligence analysts; we are hunters of evil which threatens the functions of civil society. We are dedicated to the idea that intelligence not properly communicated is not intelligence at all. We support our Dragos Platform through vulnerability analysis, threat intelligence, and behavioral analytics. We support Dragos Professional Services through intelligence support to incident response, assessment, and managed threat hunting.
Dragos is primarily located in Maryland and our Threat Intelligence team is mainly remote.
Requirements
5+ years’ hunting and tracking targeted threats
5+ years’ experience with network-based intrusion analysis
Knowledge of common malware functionality and operations and comfortable working with static and dynamic binary analysis output
5+ years developing analytics to enable threat hunting and detection
Experience pivoting across the Diamond Model, all stages of the Kill Chain, and ATT&CK
Demonstrable experience producing customer-facing intelligence reports with strong writing skills
Experience developing indicators of compromise (IOCs) for customer-facing applications
1+ year working directly with customers to collect requirements and feedback on intelligence products and services
Able to work well with a remote team of collaborators and deliver product on time and within quality guidelines
Comfortable in at least one scripting language (like Python) enabling the analyst to automate their own tasks when necessary
Good research and documentation skills including knowledge of major OSINT sources and their investigatory value
Nice to Have
Experience with industrial control systems and threats specific to their operational environment
Experience reverse engineering malware with static and/or dynamic tools and techniques
Experience developing YARA, snort, and/or Bro signatures
Experience working with an operations center and/or incident response team
Dragos seeks passionate, hard-working, fun-loving, small-ego, big-brained people. Our tagline is “Safeguarding Civilization” not because we think highly of ourselves, but because the problems we are solving are critically important, today and in the years to come. We look for ICS experts across industries who are committed to growing global expertise in the space by training the next wave of future innovators and thought leaders.
We offer competitive salary, equity, full benefits (medical, dental, vision, disability, and life insurance as well as 401K.
Dragos is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce. Come join us!
5+ years’ hunting and tracking targeted threats
5+ years’ experience with network-based intrusion analysis
Knowledge of common malware functionality and operations and comfortable working with static and dynamic binary analysis output
5+ years developing analytics to enable threat hunting and detection
Experience pivoting across the Diamond Model, all stages of the Kill Chain, and ATT&CK
Demonstrable experience producing customer-facing intelligence reports with strong writing skills
Experience developing indicators of compromise (IOCs) for customer-facing applications
1+ year working directly with customers to collect requirements and feedback on intelligence products and services
Able to work well with a remote team of collaborators and deliver product on time and within quality guidelines
Comfortable in at least one scripting language (like Python) enabling the analyst to automate their own tasks when necessary
Good research and documentation skills including knowledge of major OSINT sources and their investigatory value
Listing Details
- Salary: $170000 - $200000
- Citizenship: No Requirements
- Incentives: Stock Options
- Education: No Requirements
- Travel: No Travel
- Telework: Full Telecommute