Junior Vulnerability Analyst (Entry Level)

Do you want to expose and help mitigate vulnerabilities targeting power plants, water facilities, manufacturing systems, and other industrial control systems? Dragos works to discover these threats, develop innovative analytics for detection, support investigations and incident response, and provide customers with world-class vulnerability analysis. Unlike many other teams with a broader mission, we focus solely on operational threats to industrial control networks; this gives our analysts the time and space necessary to do world-class research and intelligence on the most critical components of infrastructure.
Dragos secures civilization by providing cyber security to industrial control environments worldwide. As a Junior Vulnerability Analyst you will evaluate control systems, operational networks, and ICS applications to measure the impact of exploits and attacks. You will then inform customers to enable decision making and develop analytics to detect their use in operational environments.
At Dragos, we are not traditional intelligence analysts; we are hunters of evil which threatens the functions of civil society. We are dedicated to the idea that intelligence not properly communicated is not intelligence at all. We strive to identify true and accurate impact of threats within the environment, allowing customers to properly assess the risk. If you are excited about this opportunity, please let us know!
This role is 100% remote and can be located anywhere in the US.

Responsibilities

• Monitor vulnerability sources assessing their impact and measuring severity to customer operations
• Analyze vulnerabilities and exploit code
• Analyze systems, networks, applications for vulnerabilities
• Translate analysis into both behavioral analytics and contextual reporting
• Conduct trend analysis to identify patterns and particular areas of concern
• Work with a variety of partners to properly manage vulnerabilities
• Support incident response and threat operations with on-demand analysis
• Integrate vulnerability into threat intelligence providing a cohesive narrative for customers

Requirements

• Demonstrated ability to validate and assess a vulnerability based on description alone
• Demonstrated ability to appreciate a vulnerability’s impact to both IT and ICS operations with a measured understanding of real-world effect
• An understanding of vulnerability scoring mechanisms along with their benefits and challenges
• A strong willingness to learn, grow, and improve your experience and skills

Nice to have

• Experience with industrial control systems and their vulnerabilities
• Experience reverse engineering malware with static and dynamic tools and techniques and familiarity with malware code constructs
• Experience developing YARA, snort, and Bro signatures
• Experience working with an operations center and incident response team
• Experience with Python

Compensation

• Compensation consists of competitive salary, comprehensive benefits plan (medical, dental, vision, disability, 401K, life insurance), and a generous initial Equity Grant as well as additional annual equity grants and potential performance bonus equity. (Equity is growing fast and significant). 


• Total Compensation:  $145,000
• Remote Work Option
• Unlimited PTO

Dragos is the Industrial Cybersecurity expert on a relentless mission to safeguard civilization.  In a world of rising cybersecurity threats, Dragos protects the most critical infrastructure – those that provide us with the tenets of modern civilization – from increasingly capable adversaries who wish to do it harm.  Devoted to codifying and sharing our in-depth industry knowledge of ICS/OT systems, Dragos arms industrial defenders around the world with the knowledge and tools to protect their systems as effectively and efficiently as possible.  Founded by world-class industrial intelligence experts, Dragos has the industry’s largest team of ICS/OT practitioners who have been on the front lines of the world’s most significant industrial cyber-attacks.  Diversity, Equity, and Inclusion is a core value at Dragos, and we are passionate about building and sustaining an inclusive and equitable working environment for all.  We know that every member of our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and discover, design, and deliver solutions.  Not only does a Diversity, Equity, and Inclusion focus enrich our environment and teams, but it is also critical in our success as we defend adversaries all over the world.  The broad range of ideas, experiences, and perspectives is critical to our success.  Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws.