Adversary Research Engineer
As an Adversary Research Engineer you will be responsible for producing new insight into existing and emerging adversary activity for evaluating the performance of information security controls. You’re aware of what adversaries are doing today, and you’d like to create advantages for defenders of all types and skill levels.
This role will report to the Head of Adversary Research and will be located anywhere in the United States.
Essential Duties and Responsibilities
- Collect and analyze adversary tactics, techniques and procedures (TTP) of all types from diverse sources.
- Translate analysis of adversary TTP into AttackIQ platform content used to evaluate the performance of security control technologies.
- Assist in communicating detailed technical concepts to a broad audience to further the practice of Threat-Informed Defense.
- Demonstrated understanding of the most commonly deployed information security technologies to support network and endpoint defense — think Palo Alto, Cisco, Crowdstrike, Cylance and beyond.
- Proven capability to go from raw material to detections with these technologies in multiple rule formats with similar proficiency in Wireshark, Zeek/Bro and Process Explorer.
- Hands-on skill with common hacking, penetration testing and vulnerability scanning tools like Kali, Metasploit or similar when applied beyond the lab.
- Knowledge of current adversary TTP and how to model behaviors in context of MITRE ATT&CK.
- Responsibility and ability to author detections in large-scale data aggregation and search platforms like Elastic and Splunk.
- Smart, driven, and able to think on your feet in a fast-paced environment.
- Significant experience in a security operations center (SOC) or similar is a huge plus.
Required Experience and Skills
- Bachelor’s degree with 1-2 years of experience in either an offensive or defensive cybersecurity capacity, or equivalent total experience in the information security space.
- Exceptional written, oral, presentation and interpersonal skills.
How to apply
Send an email to email@example.com with Subject Line: “Adversary Research Engineer”
Note to all recruitment agencies
AttackIQ does not accept agency resumes without a signed agreement. Please do not forward resumes to our jobs alias, our employees, or any other company location. AttackIQ is not responsible for any fees related to unsolicited resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with us.
At AttackIQ we value diversity and are proud to be an equal opportunity employer.