Position Overview
Vectra’s Threat Labs represents the core security knowledge and research capability within the company – tasked with powering our leading-edge technologies and aiding customers. As a member of the Vectra Threat Labs team, you will be part of a highly experienced organization and respected authority on security threats and attack techniques.
Serving in the role of Senior Security Researcher – Identity and SaaS, you will have a direct impact on the direction of the company by researchingthreats, understanding how they appear in the cloud (Identity, SaaS). Some of the specific responsibilities include:
* Perform leading edge security research to understand and communicate the major threat models and attacker methodologies within a specific cloud and/or identity technology, shaping the overall product direction for that area of focus, guiding prioritization of detection development, working as a team to develop the detection capabilities that protect our customers.
Vectra offers the opportunity to be on the leading edge of cyber security – helping us grow a world-renowned security research organization.As the researcher tasked with inventing and improving cloud focused security detection technologies, you will be an integral part of our success.
When not working on new detection technologies, as a senior security researcher you are expected to research new security topics, engage in bug-hunts, and contribute to the community in a way that helps grow both your personal and company brands.
What You Will Do [Responsibilities]
* Identify and develop a deep understanding of cyberthreats facing cloud-enabled organizations to shape the product direction and research focus of the team
* Apply your expert insights and experience to research, develop, and classify new threats, detection capabilities, and related mitigation techniques
* Collaborate across Vectra to develop new detection models – working hand-in-hand with members of the data science and engineering teams
* Pursue security research topics that contribute to the knowledge about and enumeration of new threats
* Provide an attackers-eye-view to the evidence presented by Vectra products and educate customers to the technical nature of the threat
What You Will Need [Requirements]
* You have a strong background in securing or threat detection in EntraID, Okta, M365, or other Cloud Identity Service Providers or Enterprise SaaS services with a deep understanding of the threat models and attacker methodologies within these environments
* 5+ years direct experience in areas of security research, malware analysis, or cloud security architecture/development/analysis
* Deep understanding of cloud systems and security concepts for SaaS and/or Identity solutions including their respective threat models, risks and attacker methodologies
* 5+ years of attack and penetration testing experience; or 5+ years of incident response and threat analysis experiences
* Knowledgeof exploitation techniques
* Proficiency with log analysis in support of securityand incident investigation
* Knowledge of corporate security investigation and incident response processes, along with threat detection and mitigation technologies
* Solid programming skills with scripting languages such as Python and query languages like KQL/SQL/Presto
What Will Help You [Expectations]
* Professional or academic research in advanced security threats, particularly against cloud environments
* Operational experience in infosec as an incident handler, administrator, or internal consultant
* Experience with big data technologies such as Azure ADX, Amazon Redshift or Athena, Hadoop, Spark
* Participation in the broader infosec community with requisite contacts and access to external intelligence sources
* Understanding the lifecycle and economics of modern malware and advanced threats
* Strong problem solving, troubleshooting and analysis skills
* Excellent written and verbal communication skills
* Excellent inter-personal and teamwork skills
* Proactive, hard-working team player with a good sense of humor
* Self-driven, able to efficiently work remotely without close supervision
#J-18808-Ljbffr