Threat Researcher

Amsterdam, Netherlands

Applications have closed

Humanity

Jobs for Humanity paves the way to a fairer future for all by connecting historically underrepresented talent to welcoming employers.


Company Description

Jobs for Humanity is dedicated to building an inclusive and just employment ecosystem. Therefore, we have dedicated this job posting to individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Ethnic Minority, and the Previously Incarcerated. If you identify with any of the following communities, do not hesitate to register, even if you feel that this particular opportunity is not the right fit for you.

Company Name: Booking

Job Description

Our Cyber Detection & Response (CDR) capability area is seeking a motivated Threat Researcher with experience in the cyber security domain. 

You will be a key player in researching emerging & advanced threats. This highly technical position serves an important role where you will own and work within the Research Team, keeping CDR’s capabilities at their best. 

You will achieve this by performing adversary emulation and research around emerging & advanced threats. You will work on projects aimed at identifying gaps and maturing CDR capabilities in a varied technical landscape, thereby strengthening our cybersecurity foundations. 

Adversaries abuse many attack techniques that target different technologies, and you will excel in this role as someone who applies an adversarial mindset, is familiar with operating system attack techniques, inhibits adversary success, and can communicate technical concepts in an accessible, concise fashion.

This work is both interesting and challenging from a technical perspective, which will allow you to expand your skills further.


B.Responsible

  • Work on projects aimed at maturing our overall Threat Detection and Incident Response capabilities
  • Perform multi-staged Adversary Emulation programs in varied technical environments
  • Perform continuous validation of our detections & security controls (people, processes, and technologies) and work with the engineering team to fill the gaps
  • Research and analyze advanced threats, understand their impact, and stay up to date with offensive and defensive tradecraft
  • Articulate, share and present findings to broader tech & non-tech audiences in a clear and actionable manner
  • Collaborate with highly technical teams to understand high-risk threats and carry out research & analysis to support development of Threat Detection use cases
  • Contribute to CDR relationship management with stakeholders and customers, including vendors and partners
  • Provide support during high-severity cyber security incidents or matters
  • Create documentation and provide assistance in building a knowledge base
  • Contribute to interviewing, onboarding and on-call efforts on an as-needed basis

 

B.Skilled

  • 3+ years of relevant specific experience in the Cybersecurity domain (Security Researcher, Threat Detection, Incident Response, Red Team etc.)
  • Strong understanding of at least one of the following: (1) network forensics including common protocols and how those are used in adversary operations; (2) analyzing sophisticated malware samples used in targeted attacks against large corporate or government entities; (3) analyzing host forensic and log data associated with advanced targeted adversaries
  • Strong foundational security knowledge (Networking, Windows, MITRE etc.)
  • Experience working with commercial Endpoint Detection & Response (EDR) platforms
  • Knowledge of static and dynamic malware analysis tools and methodologies
  • Knowledge of programming and scripting languages, in particular Python
  • Familiarity with exploitation tools like Cobalt Strike, Metasploit etc. and Command & Control frameworks
  • Familiarity with cloud technology (AWS, GCP etc.)
  • Strong interpersonal and communication skills 
  • Ability to summarize events effectively to both technical and non-technical audiences
  • Desirable Certifications: OSCP, OSCE, GCFA, GDAT, GCIH, GXPN

Preferred Qualifications:

  • 2+ years of hands-on experience in Adversary Emulation, Red Team, Purple Teaming or Threat Research
  • Hands-on experience with Security Toolsets (Metasploit, Cobalt Strike etc.)
  • Capable of rapidly learning new technologies 


B.Offered

  • Living and working in Amsterdam, one of the most cosmopolitan cities in Europe;
  • Contributing to a high-scale, complex, world-renowned product and seeing real-time impact of your work on millions of travellers worldwide;
  • Working in a fast-paced and performance-driven culture;
  • Opportunity to utilize technical expertise, leadership capabilities and entrepreneurial spirit;
  • Promote and drive impactful and innovative engineering solutions;
  • Technical, behavioural and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation;
  • Competitive compensation and benefits package and some great added perks of working in the home city of Booking.com.

Booking.com is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.

Pre-Employment Screening:

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.

Tags: AWS Cloud Cobalt Strike EDR Forensics GCFA GCIH GCP GXPN Incident response Malware Metasploit OSCE OSCP Python Red team Scripting Threat detection Threat Research Windows

Perks/benefits: Career development Competitive pay Conferences Team events

Region: Europe
Country: Netherlands