Security Research Engineer - 1331556

July 28, 2021 - Fulton, MD

The Business Entity

Creating leading threat intelligence is the focus of the Cisco Talos Security Intelligence and Research Group (Talos). Talos is composed of leading threat researchers supported by sophisticated systems. Talos researchers create threat intelligence for Cisco products to protect customers from both known and emerging threats. The team’s expertise spans software development, reverse engineering, vulnerability triage, malware investigation, and intelligence gathering. Talos maintains the official rule sets and communities of Snort.org, ClamAV, SenderBase.org and SpamCop.

The Talos Engineering & Development group plays a pivotal role in providing critical security intelligence, data, and tools to both the research teams and Cisco security email, web, and firewall products to protect our enterprise customers from cyberattacks.

What you’ll do

You will be joining a diverse, high-paced team with several different objectives:

  • Develop toolsets and systems for collecting and analyzing large diverse data sets
  • Analyze and optimize data analysis pipelines identifying actionable intelligence and creating coverage for customer products
  • Act as escalation point for other research and response teams

Who you are

  • Development experience using a mainline language such as Python, Perl or C/C++
  • Development experience writing an application using a database such as MySQL, Oracle or PostgreSQL
  • Working knowledge of secure coding practices
  • Experience working in Linux and/or FreeBSD
  • Solid analytical and problem-solving skills
  • Good organization, decision making, and verbal and written communication skills
  • Ability to work independently with minimal supervision and take on additional tasks as required
  • Ability to work with small teams to solve complex problems

Preferred Qualifications

  • Expert-level experience with Python or Perl
  • Experience with deployment pipelines such as Docker, docker-compose, Puppet, Ansible and generic CI/CD systems
  • Familiarity with data structure formats such as JSON, XML and STIX
  • Solid base knowledge of networking, transport, and application layer protocols, such as IP, TCP, UDP, and HTTP
  • Experience with common methods of exploitation, such as Buffer Overflows, Cross-site Scripting, etc.
  • Experience with Vulnerability Analysis and CVEs
  • Experience with Snort rules language
  • Solid technical writing skills
  • Bachelor’s degree or higher in Computer Science, Cyber Security, or other tech-related field

Why Cisco?

We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to shape the technologies that give us smart cities, connected cars, and handheld hospitals. And we do it in style with unique personalities who aren’t afraid to change the way the world works, lives, plays and learns. We are thought leaders, tech geeks, pop culture aficionados, and we even have a few purple haired rock stars. We celebrate the creativity and diversity that fuels our innovation. We are dreamers and we are doers.