Research Engineer - Detection Response Team

May, 28 2020 - Fulton, MD

Team Description:

TALOS wants YOU! As a member to the Detection Research Team, you will research vulnerabilities in software and network protocols, how they are exploited, be responsible for creation of detection content for the technologies TALOS supports, and act as a trusted security partner within the TALOS organization and Cisco. You will learn to take a Proof-of-Concept (PoC), verify it exploits the vulnerable condition, create a PCAP of the network traffic created during exploitation, and write detection content to detect that exploitation, while not generating False Positives. You will join a team of subject matter experts in a wide range of fields & technologies, as well as newbies fresh out of college or the local CTF competition!

Role & Responsibilities:

  • Analyze new security threats and tools
  • Analyze malware samples using debuggers
  • Create advanced detection content for Snort, ClamAV, AMP, and Security Intelligence
  • Write detailed technical advisories on new vulnerabilities
  • Capture network traces from exploits for testing IPS and IDS security effectiveness

Minimum Qualifications:

  • Experience working in both Windows and Linux
  • Experience with network traffic dissectors such as Wireshark
  • Good Analytical and problem solving skills
  • Good organization, decision making, and verbal and written communication skills
  • Ability to work independently with minimum supervision and take on additional tasks as required
  • Ability to work with small teams to solve complex problems

Preferred Qualifications:

  • Experience with Capture-the-Flag Competitions
  • Solid base knowledge of networking, transport, and application layer protocols, such as IP, TCP, UDP, and HTTP
  • Experience with common methods of exploitation, such as Buffer Overflows, Cross-site Scripting, etc
  • Experience with the structure of common file formats, such as PDF, DOC, and SWF
  • Experience with Perl, Python, or Ruby
  • Experience with vulnerability analysis
  • Experience with snort rules language
  • Solid technical writing skills
  • Bachelor’s degree in Computer Science, Cyber Security, or other tech-related degree