empty

Senior Security Researcher

Vectra AI

Job Description

Posted on: 
November 25, 2024

Summary and company overview

Summary Information

Vectra® is the leader in AI-driven threat detection and response for hybrid and multi-cloud enterprises.

Company Overview

The Vectra AI Platform delivers integrated signal across public cloud, SaaS, identity, and data center networks in a single platform. Powered by patented Attack Signal Intelligence, it empowers security teams to rapidly prioritize, investigate and respond to the most advanced cyber-attacks. With 35 patents in AI-driven threat detection and the most vendor references in MITRE D3FEND, organizations worldwide rely on the Vectra AI to move at the speed and scale of hybrid attackers. For more information, visit www.vectra.ai.

This is a hybrid role for San Jose, CA; Austin, TX or Boston, MA

Position Overview

Vectra AI’s Security Research Team represents the core security knowledge and research capability within the company primarily tasked with powering our leading-edge technologies and aiding customers. As a member of the Vectra AI Security Research team, you will be part of a highly experienced organization and respected authority on security threats and attack techniques.

Serving in the role of Sr. Security Researcher, you will have a direct impact on the direction of the company by researching threats, understanding how they appear on the network and in the cloud, helping technically shape the product direction.

Responsibilities

  • Perform leading edge security research for network based threats – systems analysis, APT threat modeling, tools assessment, network/protocol analysis, etc.
  • Work directly with our Data Science teams, developing detection capabilities which will be incorporated into the product
  • Participate in on-going efficacy testing of our detection capabilities, producing gap analyses, attack samples, remediation recommendations, and document findings for broad use across the company
  • Research and understand attacker TTPs to remain current as a subject matter expert within Vectra
  • Research new threat detection technologies and investigate innovative approaches to finding attackers operating within customer environments
  • Collaborate across Vectra to identify, research, and develop new detection models – working hand-in-hand with members of data science, consulting services, and other product teams
  • Replicate attacker techniques and tooling to produce samples for use during detection development and for detection validation and gap identification
  • Pursue security research topics that contribute to the knowledge and enumeration of new threats, tactics, and techniques in network, cloud, and hybrid environments
  • Provide an attackers-eye-view to the evidence presented by Vectra products and educate customers to the technical nature of the threat

Job Requirements

Required Qualifications

  • Passion for cyber security
  • 5+ years of attack and penetration testing experience in a network environment; or
  • 5+ years direct experience in areas of security research, malware analysis, or incident response
  • Knowledge of corporate security investigation and incident response processes, along with malware detection and mitigation technologies
  • Solid programming skills with scripting languages such as Python
  • Strong problem solving, troubleshooting and analysis skills
  • Excellent written and verbal communication skills
  • Excellent inter-personal and teamwork skills
  • Proactive, hard-working team player with a good sense of humor
  • Self-driven, able to efficiently work remotely without close supervision
  • Attack simulation experience
  • Knowledgeable of the Tools, Techniques, and Procedures of advanced threat actors
  • Proficiency with common attacker and red team tools and frameworks: Cobalt Strike, Metasploit, Empire, Mimikatz, impacket, CrackMapExec, etc.
  • Ability to realistically recreate advanced threat actor TTPs within controlled environments
  • Network experience
  • Knowledgeable in network and application protocols, and traffic analysis (network forensics)
  • Proficiency with network traffic analysis and network forensics tools such as Wireshark and tcpdump
  • Proficiency with host forensics and memory analysis tools to study advanced threat actor activities
  • Strong knowledge of networking and network application concepts: TCP/IP, UDP, HTTP, TLS, FTP, RPC, DNS, SMB, Kerberos, etc.

Preferred Qualifications

  • Professional or academic research in advanced security threats
  • Operational experience in infosec as an incident handler/responder, red teamer, administrator, or internal consultant
  • Experience with big data technologies
  • Participation in the broader infosec community with requisite contacts and access to external intelligence sources
  • Understanding the lifecycle and economics of modern malware and advanced threats

Additional commentary

NA

Summary and company overview

Summary Information

Vectra® is the leader in AI-driven threat detection and response for hybrid and multi-cloud enterprises.

Company Overview

The Vectra AI Platform delivers integrated signal across public cloud, SaaS, identity, and data center networks in a single platform. Powered by patented Attack Signal Intelligence, it empowers security teams to rapidly prioritize, investigate and respond to the most advanced cyber-attacks. With 35 patents in AI-driven threat detection and the most vendor references in MITRE D3FEND, organizations worldwide rely on the Vectra AI to move at the speed and scale of hybrid attackers. For more information, visit www.vectra.ai.

This is a hybrid role for San Jose, CA; Austin, TX or Boston, MA

Position Overview

Vectra AI’s Security Research Team represents the core security knowledge and research capability within the company primarily tasked with powering our leading-edge technologies and aiding customers. As a member of the Vectra AI Security Research team, you will be part of a highly experienced organization and respected authority on security threats and attack techniques.

Serving in the role of Sr. Security Researcher, you will have a direct impact on the direction of the company by researching threats, understanding how they appear on the network and in the cloud, helping technically shape the product direction.

Apply now