Senior Detection Engineer - R&D

The Dragos’ Professional Services and R&D team serves as boots-on-the-ground on solving industrial control system security challenges. We bring that expertise back and integrate it into our software technology: The Dragos Platform. Dragos is looking for a Senior Detection Engineer to join its Research and Development team. This position works closely with Threat Operations Center, Intelligence teams and Engineering teams to drive insights in industrial protocol analysis, network situational awareness, and threat behavioral analytics.

Responsibilities

• Grow our existing repository of asset identification characterizations, protocol parsers, and threat detections for the Dragos Platform 
• Understand open and proprietary protocols to identify software, devices, configurations, and vulnerabilities 
• Analyze and build detection logic collected from a variety of embedded devices, firewalls, network devices, and hosts
• Generate innovative asset identification capabilities, protocol parsers, and threat behavior analytics for the Dragos Platform 
• Produce network focused analytics from threat intelligence and research-generated source data
• Work with customers and industry partners to collect, analyze and capitalize on new host and network analytic opportunities in production environments.

Requirements

• Willingness to be a team player on fast-moving team focused on rapidly innovating the state of industrial security
• 3+ years in security operations, threat hunting, detection development OR offensive operations, threat emulation, security tool development
• Prior development experience with python, rust, ruby, go, lua, etc.
• Awareness of common operating system internals and the ability to identify analytic opportunities
• Comfort working with multi-terabyte host and network datasets 
• Applied knowledge of network communication fundamentals 
• Adept at both verbal presentation and technical writing

Nice to have

• Experience with industrial control systems such as SCADA, distributed control systems, building automation, etc
• Ability to travel (< 25%) to customer sites to collect and analyze data

Dragos is the Industrial Cybersecurity expert on a relentless mission to safeguard civilization.  In a world of rising cybersecurity threats, Dragos protects the most critical infrastructure – those that provide us with the tenets of modern civilization – from increasingly capable adversaries who wish to do it harm.  Devoted to codifying and sharing our in-depth industry knowledge of ICS/OT systems, Dragos arms industrial defenders around the world with the knowledge and tools to protect their systems as effectively and efficiently as possible.  Founded by world-class industrial intelligence experts, Dragos has the industry’s largest team of ICS/OT practitioners who have been on the front lines of the world’s most significant industrial cyber-attacks.  Diversity, Equity, and Inclusion is a core value at Dragos, and we are passionate about building and sustaining an inclusive and equitable working environment for all.  We know that every member of our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and discover, design, and deliver solutions.  Not only does a Diversity, Equity, and Inclusion focus enrich our environment and teams, but it is also critical in our success as we defend adversaries all over the world.  The broad range of ideas, experiences, and perspectives is critical to our success.  We offer equity, competitive salaries, remote working, unlimited PTO, and a comprehensive benefits package including medical, dental, vision, disability, 401K, and life insurance. Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws.