IPS Security Researcher (Security Efficacy)

Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. 

Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, Bangalore, London, Melbourne, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events (pre and hopefully post-Covid) and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive.  Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter@Netskope.

Responsibilities:

• Analyze network vulnerability and security incidents, provide guidance for the signature creation. 
• Reproduce the network attack, create the attack pcaps, develop IPS signatures, and optimize the signature performance
• Investigate customer escalations on IPS false positives and IPS false negatives.  
• Research and develop mitigation strategies and signatures for IPS. 
• Work on process automation, intelligence data architecture, product monitoring, analysis and detection tool maturation, queueing system creation;
• Design and develop systems and tools, and integrations to enable scalable threat data collections, analysis, content generation;
• Identify automation opportunities and develop new tooling to scale and monitor the deployment of an in-house threat intelligence architecture;
• Take ownership for developing and executing test plans for performance/efficacy evaluations;

Qualifications/Requirements:

• Experience with Intrusion prevention systems and signatures. Familiar with Snort/Suricata rules will be a plus
• Familiar with python, JS, SQL, NoSQL, ElasticSearch, kafka, etc will be a plus;
• Extensive experience with Cloud infrastructure (AWS, GCP, Kubernetes) deployment, troubleshooting, monitoring and automation experience;
• Experience with maintaining, monitoring, and alerting with metrics gathering tools;
• Strong networking background, knowledge of Unix/Linux environments, web protocols and web applications;
• Energetic self-starter, with the desire to work in a dynamic fast-paced environment;
• Excellent verbal and written communication skills;
• Ability to influence without authority;
• BS in Computer Science or equivalent technical degree required, MS preferred

#LI-HC1

Netskope respects your privacy and is committed to protecting the personal information you share with us, please refer to Netskope's Privacy Policy for more details.