Security Research Engineer - 1367347

May 25, 2022 - Remote, USA

Who You’ll Work With

The Talos Email and Malware Research team is a multinational group of security researchers. We invent novel approaches to detecting phishing and malware attacks and other threats, both in small groups and by working independently to build detection content and proof-of-concept models. These models can transition to internally supported tools or to Talos development teams to be hardened and further developed for ingestion by Cisco products as part of Talos intelligence.

Who You Are, What You’ll Do

  • Good pattern recognition: identifying and anticipating new threats
  • Dependable judgment and attentive to details
  • Rapid prototyping of code to automate newly discovered threat patterns seen in malware, attacker techniques, network or endpoint telemetry
  • Maintaining and bolstering our products’ high catch rate for threats
  • Collaboration with similarly innovative interdisciplinary teams to meet efficacy goals
  • Stay up to date on malware trends, perform malware analysis and hunt for patterns in telemetry, as necessary, to understand detection issues and possible solutions at initial access vectors, on endpoints, and from within network telemetry

Experience and Qualifications

  • Past experience in any of: IT, machine learning, security and malware research
  • Networking basics
  • You understand malware attack chains at the endpoint and network levels
  • You understand malware families, MITRE ATT&CK and commonly exploited CVEs
  • Experience building solutions to increase the efficacy of malware or phishing detection
  • Proficiency in Python and shell scripting (bash, awk, sed, etc.)
  • Regular experience using a UNIX command line (ssh, grep)
  • Comfortable with regular expressions
  • Flexible and adaptable, able to pursue multiple separate tasks
  • You have experience with writing signatures such as YARA, SNORT
  • Threat hunting and incident response familiarity that can be applied to creating detections
  • Experience analyzing malicious documents, obfuscated scripts and dynamic malware analysis

Bonus Skills - Familiarity or interest in any combination of these is helpful

  • Experience with AWS
  • Exploring obfuscated HTML/CSS/JS
  • SMTP, email headers, and related email and anti-spoofing standards
  • Big data tools (Elasticsearch/ELK, HBase)
  • Statistics, probability, and machine learning
  • Fluent in reading non-English language(s)

Why Cisco?

At Cisco, each person brings their unique talents to work as a team and make a difference. Yes, our technology changes the way the world works, lives, plays and learns, but our edge comes from our people. Our People Are The Heart of Cisco.

We connect everything – people, process, data and things – and we use those connections to change our world for the better. We innovate everywhere - From launching a new era of networking that adapts, learns and protects, to building Cisco Services that accelerate businesses and business results. Our technology powers entertainment, retail, healthcare, education and more – from Smart Cities to your everyday devices.

We benefit everyone - We do all of this while striving for a culture that empowers every person to be the difference, at work and in our communities.

Colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Be you, with us! #WeAreCisco

Cisco is proud to be an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

We see inclusion and diversity as essential to fueling the power of connection. Learn about inclusion and collaboration in action at Cisco. Diversity, Inclusion and Collaboration at Cisco.

Benefits and Perks

We strive to keep our teams happy and healthy. Many roles have the option to be Remote or Hybrid. Cisco provides competitive pay, excellent medical, dental and vision coverage, 401(k) match, 20 days of paid time off plus holidays, support for parents and paid time to volunteer. View the benefits overview. Benefits and Perks - Cisco.

Join us! #WeAreCisco

Cisco Covid-19 Vaccination Policy

The health and safety of Cisco’s employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco requires all new hires to be fully vaccinated against COVID-19 in the U.S., unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.

Clicking APPLY will direct you away from