Threat Hunter Analyst

Company: Cisco Systems, Inc.
Location: Not Specified, Kansas, United States
Type: Full-time
Posted: 23.NOV.2019

Description

Who You Are

Are you interested in hunting down malicious actors in massive data sets and large customer bases? You will help design and implement new ways of identifying and tracking down threat actors and infection vectors by collaborating with highly skilled machine learning experts, reverse engineers and the security community. If you want to be able to protect millions from malware, fraud, phishing attacks, and future threats, this is your opportunity.

What You'll Do

Role & Responsibilities

  • Monitor Cisco AMP deployments and provide threat hunting services
  • Interface directly with customers to provide triage and threat research services
  • Work with Data Scientists and Malware Analysts
  • Identify and remediate False Positives and False Negatives
  • Identify and report security incidents
  • Identify malware campaigns and correlate security incidents
  • Identify behavioral activity in recorded execution of software
  • Identify benign or normal activity in recorded execution of software
  • Conduct research into tools and tactics used by malicious actors


Minimum Qualifications

  • Knowledge of operating system internals including Windows, Linux and Mac OS.
  • Prior knowledge or experience with Malware detection or remediation
  • Ability and prior experience in writing and validating threat signatures (Yara, Clam, OpenIOC)
  • Ability to write and validate parsers for a variety of file formats.
  • Scripting or programming experience in Python or Go
  • Excellent communication skills
  • Ability to articulate technical issues
  • Attention to Detail


Preferable Qualifications

  • Reverse Engineering and experience with IDA Pro, WinDbg, OllyDbg
  • Data Mining and interpretation skills
  • Prior experience in a Security Operations Center
  • Prior experience in malware forensics or incident handling
  • Prior experience with SIEM products


Why Cisco:

#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference. Here's how we do it.

We embrace digital, and help our customers implement change in their digital businesses. Some may think we're "old" (30 years strong!) and only about hardware, but we're also a software company. And a security company. A blockchain company. An AI/Machine Learning company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do - you can't put us in a box!

But "Digital Transformation" is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)

Day to day, we focus on the give and take. We give our best, we give our egos a break and we give of ourselves (because giving back is built into our DNA.) We take accountability, we take bold steps, and we take difference to heart. Because without diversity of thought and a commitment to equality for all, there is no moving forward.

So, you have colorful hair? Don't care. Tattoos? Show off your ink. Like polka dots? That's cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us! - provided by Dice

 