Senior Cybersecurity Researcher (Web Threats, Protection for Hosting Providers)
Acronis brings advanced cyber protection solutions to web hosting providers and website owners. As a Cybersecurity Researcher at the global Cyber Protection Operations team, you will be fighting against modern web cyber attacks by comprehensive analysis of latest threats and creating security definition for Acronis products. As an expert in cyber threats you will participate in research, design and development of new cyber protection technologies.
Perform research in some of the following areas of server and endpoint protection:
- Vulnerability assessment and configuration assessment;
- Network security, intrusion detection and protection, including web applications protection;
- Prevention and detection of attacks that utilize malware/hacktools and targeting Linux/UNIX systems.
- Develop, support and tune vulnerability, misconfiguration and threat detection rules.
- Conduct online research of latest cyber threats and ensure it can be prevented/detected with existing technologies. Share research results in blogposts and articles.
- Analyze suspicious scripts, traffic, websites and their contents both found in the wild or retrieved from customers, adding latest threat detections or fixing false alarms.
- Design, develop and monitor automation scripts and pipelines to minimize manual efforts required from analysts/researchers.
- Advise colleagues and customers about real-world attacks and the corresponding detection / prevention countermeasures.
- Linux expertise for 3+ years of system administration / system or web development / security audits for some of the following: RHEL (CentOS) / Debian / Ubuntu;
- Deep understanding of common cyber attack techniques and methods; network protocols; vulnerability and configuration assessment
- Knowledge of Linux security subsystems, tools and conceptions, including logging abilities
- Decent skills in configuring at least one of: web / application / database / mail servers running on Linux/UNIX
- Good interpersonal, written and verbal communication skills
Would be a plus:
- Technical security certifications like OSCP (the best choice) or CEH or proven experience in security assessments
- Practical skills in security scanners, vulnerability & configuration assessment tools, SIEMs, WAFs, traffic analysis software
- Background in development security software or routine security task automation
- Knowledge of OWASP methodologies
- Skills in programming languages enough for fast PoC creation (Python, shell, etc.)
- Decent experience with other UNIX operating systems
- Knowledge of PHP v5+ language
- Practice in reverse engineering and corresponding methods, techniques and tools
- Some Machine Learning skills or wish to improve yourself in this area
- Experience with virtualization, containerization and cloud technologies