Security Research Engineer - 1387600

February 06, 2023 - Fulton MD or Remote

Location: This position can be fully Remote in the United States.

The Talos Detection Response Team creates network and endpoint signatures that are distributed world-wide to multiple products in Cisco’s security portfolio and the open-source community.

In this position you will create detection content for vulnerabilities in a variety of Cisco and non-Cisco products. Understanding these vulnerabilities may come from reviewing technical reports, reading code diffs, or generating network traffic from proofs-of-concepts. Once released, these protections directly impact the security of people and organizations around the globe. With time and experience, you may have the opportunity to conduct in-depth research on novel threats, create tooling that forwards the mission of the team, and mentor junior team members.

If you’re a tenacious learner, have an excruciating interest in detail, and want to expand your career in information security this may be the right role for you.

Role and Responsibilities:

Research security threats, attacker techniques and tools, 0-day vulnerabilities Create advanced signatures and detection content for Snort, ClamAV, AMP, and other Cisco products Write in-depth technical advisories about threats and signatures Capture network traffic from threats for testing IPS and IDS security effectiveness Analyze malware samples and vulnerable binaries using static/dynamic analysis, debuggers

Minimum Qualifications:

  • In-depth experience with vulnerability analysis and common methods of exploiting vulnerabilities, such as * Buffer Overflows, Cross-Site Request Forgery, Use-After-Free, XXE
  • Extensive knowledge in network traffic analysis using tools such as Wireshark
  • Solid knowledge of network, transport, and application layer protocols, such as IP, TCP, LDAP, TLS, RDP, SMB
  • Experience with a compiled language (e.g. C, C++, Rust, Go) and a scripting language (e.g. Python, Ruby, Perl)
  • Experience with the structure of common file formats, such as PDF, MS Office, EXE, ELF
  • Experience with reverse engineering, malware analysis, and relevant tools (e.g. IDA Pro, Binary Ninja, Ghidra, radare2, x64dbg, WinDbg, OllyDbg)
  • Experience analyzing assembly code and identifying code patterns in disassembled binaries
  • Familiarity with the memory layout and different segments of a running process, such as the stack and the heap
  • Basic knowledge of Windows and Linux internals
  • Solid technical writing skills
  • Ability to work independently with minimum supervision and in a small team, taking on additional tasks as required
  • 5 years of work experience in the security industry
  • Typically, Bachelors + 5 years related experience or Masters + 3 years related experience or equivalent experience.

Preferred Qualifications:

  • Familiarity with asymmetric ciphers (ECC, Diffie-Hellman, etc), symmetric ciphers (AES, DES, etc), and hashing algorithms (MD5, SHA256, etc)
  • Experience with Snort rules language
  • Experience with intrusion detection or forensic analysis
  • Bachelor’s degree in Computer Science, Cyber Security, or other tech-related degree

Why Cisco

At Cisco, each person brings their unique talents to work as a team and make a difference. Yes, our technology changes the way the world works, lives, plays, and learns, but our edge comes from our people. Our People Are The Heart of Cisco.

Cisco is proud to be an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

We see inclusion and diversity as essential to fueling the power of connection. Learn about inclusion and collaboration in action at Cisco. Diversity, Inclusion and Collaboration at Cisco.

Benefits and Perks

We strive to keep our teams happy and healthy. Many roles have the option to be Remote or Hybrid. Cisco provides competitive pay, excellent medical, dental and vision coverage, 401(k) match, 20 days of paid time off plus holidays, support for parents and paid time to volunteer. View the benefits overview. Benefits and Perks - Cisco.

Join us! #WeAreCisco

Cisco COVID-19 Vaccination Requirements

The health and safety of Cisco’s employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.

Clicking APPLY will direct you away from