Senior Security Researcher - 1366292

May 25, 2022 - Vienna Austria or Remote in Europe

Cisco, worldwide leader in networking and IT, is increasingly growing into all aspects of the security space. Cisco is building an interconnected threat intelligence platform to safely connect these devices while leaving bad actors out of the picture.

The Cisco Talos Security Intelligence and Research Group detects and correlates threats in real-time using the world’s largest threat detection network, protecting against known and emerging cybersecurity threats to better protect the Internet.

Talos is seeking a puzzle-loving security researcher to join our growing team as a Security Researcher. If you have a passion to stop bad guys and love working with large data-sets, then we need you.

What You’ll Do

As a Cisco Talos Security Researcher, you will work to dissect malware samples, malicious documents, and web threats. At the same time, you will automate several aspects of your workflow, like the extraction of IoCs, the creation of detection content, and the conviction of malicious samples and domains. The ideal candidate is passionate about computer security and has a solid background in programming and data science. This Security Researcher will also be responsible for leading and working on projects that will support tactical and strategic business objectives. Demonstration of clear and concise communication with a variety of stakeholders, personal agility to adapt to changing environments, and a strong comprehension of malware, emerging threats and calculating risk will be critical to success.

Who You’ll Work With

You’ll be part of a global team of highly empowered Security Research professionals, a collaborative team passionate about helping our clients both be better prepared to defend against adversaries on their network, specifically at the endpoint, and respond to active incidents within their network.

Who You Are

You check your ego at the door and learn from others constantly, while also helping educate those who aren’t as well versed as you are in technical or procedural topics. As a result, you have a track record of working diligently to help your clients and teammates and have even come up with some novel techniques in your time.

Required Skills

  • Passionate about malware and how systems get infected
  • Desire to automate the daily tasks
  • Specialized experience with detection content creation (ClamAV, Snort, YARA, etc.)
  • Experienced with malware analysis and reverse engineering malicious threats and techniques.
  • Experienced with Python programming, able to develop frameworks or programs in Python in order to automate all the manual steps and connect the dots.
  • Understanding of industry tools, malware behavior and techniques.
  • Sound understanding of the Kill Chain (Attack) Life Cycle.
  • Demonstrate capability to map technical findings to business impacts and communicate those in a manner which is understandable by a non-technical audience.
  • Proactively hunt for adversaries in customer environments leveraging a variety of tools and techniques.
  • Understanding of different attacks and how best to design custom detection, containment, and remediation plans for customers.
  • Be a champion for the process - Develop and document processes to ensure consistent and scalable response operations.
  • Bachelor’s degree in Computer Science or a related technical degree, or equivalent industry experience.
  • 4+ years of industry experience in a relevant role primarily using Python, Elastic Stack, Git, while performing malware analysis and creating detection content for major endpoint operating systems, in particular Windows, macOS and Linux.

Desired Characteristics

  • Detailed understanding of current cyber security threats, attacks, and countermeasures, such as Advanced Persistent Threat (APT), Cyber Crime, Hacktivism and associated tactics.
  • Strong track record of understanding and interest in recognized IT Security-related standards and technologies, demonstrated through training, job experience and/or industry activities.

Why Cisco

At Cisco, each person brings their unique talents to work as a team and make a difference. Yes, our technology changes the way the world works, lives, plays, and learns, but our edge comes from our people. Our People Are The Heart of Cisco.

Cisco is proud to be an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

We see inclusion and diversity as essential to fueling the power of connection. Learn about inclusion and collaboration in action at Cisco. Diversity, Inclusion and Collaboration at Cisco.

Benefits and Perks

We strive to keep our teams happy and healthy. Many roles have the option to be Remote or Hybrid. Cisco provides competitive pay, excellent medical, dental and vision coverage, 401(k) match, 20 days of paid time off plus holidays, support for parents and paid time to volunteer. View the benefits overview, Benefits and Perks - Cisco.

Join us! #WeAreCisco

Cisco Covid-19 Vaccination Policy

The health and safety of Cisco’s employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco requires all new hires to be fully vaccinated against COVID-19 in the U.S., unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.