Network threat researcher

Posted: July 9, 2020, 6:55 p.m. - Full Time - Bangalore

Awake’s mission is to protect companies from advanced cyber-attacks and to help their security teams operate with super-human efficiency. Our approach is simply different from what is available today, and we aim to create a world-class, diverse, and enduring capability to help protect the information assets that enrich our world.

Our team is composed of customer-focused professionals with best-in-class industry experience. Our team of extremely talented and friendly individuals is looking for new members who are passionate, motivated, and most of all enjoy working closely with customers to ensure their success.

Responsibilities

  • Conduct threat research and investigations using Awake’s network traffic analysis platform
  • Investigate, document, and report on information security issues and emerging trends
  • Conduct network log and PCAP analysis, malware triage, and other investigation-related activities in support of current threat research projects.
  • Generate and reproduce threat behaviors using red-teaming tools and virtual machines, capture the resulting attack traffic, and analyze it from a detection standpoint.
  • Develop scripts and tools to automate the analysis of network-based threats, exploits, and vulnerabilities.
  • Provide training, present to small groups, write blogs, and speak at conferences such as Black Hat, DEF CON and BSides
  • Coordinate with other internal Awake teams on product improvement and customer protection.

Requirements

  • 3 or more years of network threat hunting experience using network traffic analysis or monitoring technology
  • A natural inclination to dive into a PCAP, look at the raw hex, and read the protocol RFC or specification document(s) to understand it better
  • Ability to parse and read PCAP data using Wireshark or other tools, as well as to read text-based network logs to identify malicious activity
  • Hands-on experience with tools such as Metasploit, Caldera, Core Impact, Scapy, Exploit Pack, etc.
  • Proficiency in dissecting common protocols such as HTTP, DNS, TLS, SMB and RPC, along with other modern enterprise and Web 2.0 protocols
  • Familiarity with the MITRE ATT&CK framework is preferred
  • Ability to read blogs, conduct research, and convert threat intelligence into detection models
  • Understanding of a wide range of network protocols and how they function at their lowest levels
  • Passionate about network traffic analysis.
  • Ability to write scripts in Python, Go, and/or PowerShell
  • Ability to prioritize and complete multiple tasks with little to no supervision
  • Ability to work independently or as part of a collaborative team effort

Other desired qualifications

  • Excellent customer-facing skills
  • Strong understanding of network security concepts
  • Advanced Python, Go, C#/.NET and/or PowerShell
  • Familiarity with consuming and/or writing APIs