Security Researcher - Cloud
Remote
Applications have closed
Corelight
Disrupt future attacks with complete network visibility, next-level analytics, faster investigations, and expert threat hunting. By making evidence the heart of security, we help customers stay ahead of ever-changing cyber-attacks.
Corelight is the cybersecurity company that transforms network and cloud activity into evidence. Evidence that elite defenders use to proactively hunt for threats, accelerate response to cyber incidents, gain complete network visibility and create powerful analytics using machine-learning and behavioral analysis tools. Easily deployed, and available in traditional and SaaS-based formats, Corelight is the fastest-growing Network Detection and Response (NDR) platform in the industry. And we are the only NDR platform that leverages the power of Open Source projects in addition to our own technology to deliver Intrusion Detection (IDS), Network Security Monitoring (NSM), and Smart PCAP solutions. We sell to some of the most sensitive, mission critical large enterprises and government agencies in the world.
Role and Opportunity
We are building a world class and uniquely targeted team to drive research through data science. The ideal candidate will use their strong data science skills and an awareness of network security data to drive novel, durable, and effective threat detection. Beyond that, this person will define and build the data science technology stack needed to both build the team and enable new data-driven insights. Most uniquely, because Corelight can define the data our sensors generate, you will be able to help scope how we extend the data itself to enable new types of analysis as needed. You will be able to look back a year from now and say two things with pride: first, “I helped to build that.” and second, “We are generating insights that no one else in the world has achieved.”
Opportunity
- Work with Vern Paxson (creator of Zeek, UC Berkeley Professor and world renowned network security researcher) and with a world-class team of network security experts
- Analyze TTPs (using live network traffic) to create data-driven, tunable models for behavioral detection with low FP rates. Iterate those models based on customer engagement
- Specify improvements to the data itself (e.g. new / different protocol parsers, data augmentation) that will enable unique insights and superior threat detection
- Drive advances in the analytics tools and frameworks (e.g. across structured detection algorithms, machine learning, artificial intelligence, behavioral analysis) both for our growing research team and in the Corelight Sensor, to create and execute those models
- Work closely with product management and engineering to guide implementation of the data and analytics improvements into the core product
- Author key materials to (a) share attack insights with the security community, and (b) guide customers in employing your security models
Qualifications
- MS in Computer Science, Engineering, or equivalent experience. Cloud security certifications are preferred
- Cloud: Strong knowledge of building and securing cloud environments both virtual and containerized. Working knowledge of investigation and incident response processes for cloud environments. AWS experience is preferred
- Analysis: Strong structural modeling, machine learning and/or statistical modeling expertise, including applying the techniques to real world problems. Experience with tools and environments such as R, Python/Pandas, Matlab/Octave, Tensorflow, Spark
- Security: Knowledge of corporate security investigation and incident response processes, especially in cloud environments. Awareness of threat TTPs, including the MITRE ATT&CK Framework
- Networking: Working knowledge of networking concepts and network protocols such as TCP/IP, HTTP, TLS, RPC, DNS, SMB, Kerberos
- Cloud Operations: Working knowledge of cloud infrastructure such as containerization, deployment via infrastructure as code, service meshes
- Coding: Experience coding across common languages
A note on experience
We understand that no candidate is perfectly qualified for any job. Experience comes in different forms; many skills are transferable; and passion goes a long way. Even more important than your resume is a clear demonstration of skill, dedication, and the ability to thrive in a fluid and collaborative environment. We want you to learn new things in this role, and we encourage you to apply if your experience is close to what we’re looking for.
Diversity of background and thought makes for better problem solving and more creative thinking, which is why we're dedicated to adding new perspectives to the team.
Working at Corelight
We are proud of our culture and values - driving diversity of background and thought, low-ego results, applied curiosity and tireless service to our customers and community. Corelight is committed to a geographically dispersed yet connected employee base with employees working from home and office locations around the world. Fueled by an accelerating revenue stream, and investments from top-tier venture capital organizations such as CrowdStrike, Accel and Insight - we are rapidly expanding our team.
Check us out at www.corelight.com
Tags: Analytics Artificial Intelligence AWS Cloud Computer Science CrowdStrike DNS IDS Incident response Intrusion detection Kerberos Machine Learning Matlab MITRE ATT&CK Monitoring Network security NSM Octave Open Source PCAP Python SaaS TCP/IP Threat detection TLS TTPs