Talos wants YOU! As a member of the Detection Research Team, you will research vulnerabilities in hardware, software, and network protocols, how they are exploited, and be responsible for the creation of detection content for the security products Talos supports. You will act as a trusted security partner to Cisco customers and our open source community, to keep them safe against all manner of cyber threats. You will develop and research proof-of-concept (PoC) exploits and support analysts in the creation of signatures that will detect and prevent those exploits. You will join a team of the best and brightest subject matter experts in a wide range of fields and technologies, who are just as eager as you to stop the bad guys, and keep networks safe.
Position Roles and Responsibilities: • Analyze zero-day vulnerabilities and emerging security threats to SCADA and the Industrial Control System (ICS) space • Reverse engineer ICS and IoT devices to discover new vulnerabilities • Use a variety of tools to perform static and dynamic analysis of real-world malware samples • Provide subject matter expertise to peers and customers on ICS security, both exploits and defense • Research emerging ICS technologies and SCADA protocols • Create signatures for Snort, Clam AV, and other Cisco security products • Write detailed technical advisories on new vulnerabilities
Minimum Desired Qualifications: • Experience reverse engineering a variety of hardware and software, to include firmware, operating systems, and application • Experience extracting firmware from devices for analysis. • Experience with a variety of devices for hardware research, such as JTAG, logic analyzers, and other devices. • Experience with vulnerability discovery and analysis • Experience with common vulnerabilities and methods of exploitation, such as memory corruption, web application exploitation, file format vulnerabilities, protocol-based weaknesses, etc. • Familiarity or expertise with a coding language such as Ruby, Perl, Python, Java, or C. • Experience with analysis tools such as IDA, Radare, Burp Suite, and others • Experience with network traffic dissectors such as Wireshark • Solid documentation and technical writing skills • Excellent analytical and problem solving skills • Ability to work independently with minimum supervision and take on additional tasks as required • Desire to expand skills and abilities while functioning out of comfort zone
Preferred Qualifications: • Bachelor’s degree or equivalent in Computer Science, Cyber Security, or other tech-related degree from an accredited academic institution • Understanding of the nuances of the Snort rule syntax • Experience with operational SCADA master and field devices related to generation, distribution, and transmission • Knowledge of ICS/SCADA protocols such as DNP3, Modbus, BACNet, ICCP, IEC 60870, CIP, ENIP • Strong familiarity with ICS vendors and product offerings
What’s it like working for Talos?
• Work closely with software reverse engineers and research analysts to quickly develop detection content for all our core applications • Moderate to high levels of stress may occur at times • Fast paced and rapidly changing environment • Extremely talented and experienced team members and mentors • No special physical requirements • Constant internal training, libation, and enthusiastic discussions