Security Researcher - 1387602

December 01, 2022 - Fulton MD or Remote

The Talos Detection Response Team (DRT) creates network and endpoint signatures that are distributed world-wide to multiple products in Cisco’s security portfolio and the open-source community.

In this position you will lead a team of analysts who create detection content for vulnerabilities in a variety of Cisco and non-Cisco products. Understanding these vulnerabilities may come from reviewing technical reports, reading code diffs, or generating network traffic from proofs of concept. Once released, these protections directly impact the security of people and organizations around the globe.

You will also be responsible for managing and assigning inbound protection requests to a subset team of analysts. To manage analysts’ daily workloads, a Lead must be able to effectively balance workload, distribute and track assignments, and prioritize work based on the impact of the threat to our customers.

Role and Responsibilities:

  • Research security threats, attacker techniques and tools, 0-day vulnerabilities
  • Assess team members’ work and identify training needs based on weaknesses
  • Conduct regular one-on-one syncs with team and DRT staff
  • Provide guidance and support to team members
  • Facilitate communication within and across teams
  • Provide mentorship and training to new team members
  • Anticipate problems/issues and take action to prevent/minimize their impact
  • Participate in strategic planning for team and the broader DRT

Minimum Qualifications:

  • Proven experience as a lead, supervisor, or relevant leadership role
  • Exceptional organizational and leadership skills
  • Exceptional communication and conflict resolution skills
  • Solid technical writing skills
  • Experience providing review and feedback of technical work
  • In-depth experience with vulnerability analysis and common methods of exploiting vulnerabilities, such as Buffer Overflows, Cross-Site Request Forgery, Use-After-Free, XXE
  • Knowledge of network traffic analysis using tools such as Wireshark
  • Advanced knowledge of network, transport, and application layer protocols, such as IP, TCP, LDAP, TLS, RDP, SMB
  • Experience with a compiled language (e.g., C, C++, Rust, Go) and a scripting language (e.g., Python, Ruby, Perl)
  • Knowledge of reverse engineering, malware analysis, and relevant tools (e.g., IDA Pro, Binary Ninja, Ghidra, radare2, x64dbg, WinDbg, OllyDbg)
  • Experience analyzing assembly code and identifying code patterns in disassembled binaries
  • Familiarity with the memory layout and different segments of a running process, such as the stack and the heap
  • Knowledge of Windows and Linux internals
  • Typically, Bachelor's in Computer Science, Cyber Security, or other tech-related degree + 7 years related experience or Master's + 4 years related experience, or equivalent experience. Prefer 10 years of work experience in the security industry.

Preferred Qualifications:

  • Familiarity with asymmetric ciphers (ECC, Diffie-Hellman, etc.), symmetric ciphers (AES, DES, etc.), and hashing algorithms (MD5, SHA256, etc.)
  • Experience with Snort rules language
  • Background in intrusion detection or forensic analysis
  • Experience with product testing and validation

Why Cisco

At Cisco, each person brings their unique talents to work as a team and make a difference. Yes, our technology changes the way the world works, lives, plays, and learns, but our edge comes from our people. Our People Are The Heart of Cisco.

Cisco is proud to be an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

We see inclusion and diversity as essential to fueling the power of connection. Learn about inclusion and collaboration in action at Cisco.

Benefits and Perks

We strive to keep our teams happy and healthy. Many roles have the option to be Remote or Hybrid. Cisco provides competitive pay, excellent medical, dental and vision coverage, 401(k) match, 20 days of paid time off plus holidays, support for parents and paid time to volunteer. View the benefits overview.

Join us! #WeAreCisco

Cisco COVID-19 Vaccination Requirements

The health and safety of Cisco’s employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.
