The Security Researcher is a focused, hybrid role that draws on the following capabilities: security practitioner/analyst, researcher, product developer, evangelist, engineer, business development executive and customer enabler. We apply practitioner and development experience and security innovation to PacketSled products, to partners, and in the worldwide security community. The Security Researcher will partner with Marketing, Engineering, CloudOps, Pre-sales, partners and customers, fostering collaboration and contribution to the security community.
- Work with the Product team as a security advisor in architecture and design, collaborating to help strengthen the PacketSled platform.
- Advise Ops on Information Security issues, systems, processes, products and services.
- Help create security standards applicable to all technologies in the IT and product portfolio.
- Collaborate with Sales, Engineering, CloudOps and partners/MSSPs’ compliance and other affiliated groups to work through strategic product initiatives.
- Work with Sales, Engineers and the Security team to prioritize research opportunities in a fast-paced, rapidly changing environment.
- Provide subject matter expertise (SME) for PacketSled products and future products/services across all business units through innovation.
- Drive PacketSled security methodology and adoption across partners and the security market.
- Conduct workshops to help PacketSled sales and partners get value from PacketSled.
- Develop product presentations, whitepapers, product briefs and solutions guides that clearly articulate the value of PacketSled
- Evangelize and demonstrate PacketSled at conferences and tradeshows, and to analysts, blogs and customers
- Use PacketSled as a platform to contribute to the security community to push security research
- Contribute to external research projects benefitting the security community and PacketSled community
- Foster development and design in PacketSled based on security research in the field
- Drive innovation using PacketSled for security research, automation, investigation and visualization
Essential Functions/Job Requirements
- Develop Security tools, best practices and processes in PacketSled to help democratize DFIR
- Design and implement new dashboards, charts/graphs, reports, searches and IRES rules through the User Interface, API/SDK and external interactions with the platform.
- Have deep technical expertise in network defense technologies, forensic tools, and active defense technologies.
- Design rapid prototypes leveraging the core platform for security use cases.
- Review customer processes and business requirements to help determine new and innovative ways to leverage PacketSled
- Provide community security leadership to extend the organization’s ability to optimize use of emerging security technologies
- Stay current with security technologies and threats and make recommendations for use based on business value
- Capture and develop best-practice processes and documentation to help partners and customers
- Engage in peer-to-peer dialogue with clients about their industry and their situation; be a trusted advisor
- Expand the detections, observations, indicators and workflow of the product
- Apply subject matter expertise to product context and enrichment for customers (via hunting) and partners
- Product security expertise [SSDLC/security assessment]
- Conduct industry leading security research to help the community and PacketSled
- Speak at conferences and present research
A PacketSled researcher builds partnerships and collaborative interaction between internal groups such as Engineering, Sales, CloudOps and customers. This role may represent up to 50% travel at peak times, including security conferences, off-sites, and research projects.
- Deep networking background, knowledge of services and protocols
- Must have a deep technical capability in at least one of the following: Forensics, Security Operations/Incident Response, Research/Threat Detection, Threat Hunting, Development, Malware analysis, DFIR, Breach Response.
- Familiar with git, gitflow and Engineering tools such as JIRA and Confluence as part of daily work stream.
- Systems administration skills using both *nix and Microsoft platforms, extending APIs, integrating technology.
- Linux/Windows Administration/System Management/Automation
- Advanced networking topologies, protocols, infrastructure and networking architectures.
- Comfortable with scripting and Python, Golang, Lua, C/C++ capable
Minimum Required Education/Experience
- Minimum of 7-10 years of work experience as a security practitioner or related role.
- Strong written and verbal communication skills.
- Excellent team player, creative, self-motivated, has a positive attitude and a strong desire for continued personal growth.
- US Citizenship Required
- Security Clearance not required, but a plus
- A Background Check will be performed