Senior Security Research Engineer

Posted 2 months agoViewed

💎 Seniority level: Senior, 5+ years experience in a Senior or Principal role within cyber security research.

📍 Location: United States

🔍 Industry: Cybersecurity

🗣️ Languages: English

⏳ Experience: 5+ years experience in a Senior or Principal role within cyber security research.

🪄 Skills: PythonCybersecurityData AnalysisETLData scienceNosqlCommunication SkillsProblem Solving

5+ years of experience in a Senior or Principal role within cybersecurity research.
6-8 years of professional experience as a Python developer.
Bachelor’s degree or equivalent in Math, Science, Engineering, or Business fields.
Working knowledge of the criminal underground and accessible data sources from the clearnet and deep/dark web.
Self-directed with task identification and delivery capability without direct supervision.
Critical thinker comfortable with collaborative problem-solving.
Excellent communication skills.
Highly self-directed, empathetic, curious, and flexible.

Work directly with teams to support the targeting and collection of recaptured underground data.
Build pipelines for data acquisition and integration into SpyCloud's workflow.
Serve as a subject matter expert on Security Research Engineering and data acquisition.
Document activities to aid the data analysis process.
Continuously enhance recaptured data workflow and ETL pipelines.
Communicate updates to the SpyCloud Labs team and business leaders.
Participate in security research, investigating threat actors and malware.
Mentor junior security researchers and engineers through code review and guidance.

Posted 26 days ago

📍 U.S.

🧭 Full-Time

💸 130000.0 - 185000.0 USD per year

🔍 Cybersecurity

🔧 Requirements

Proficient in general cloud computing and security concepts.
In-depth understanding of Azure or AWS; experience with both is a plus.
Familiarity with specific Azure features like Defender for Cloud and network security groups, and AWS features like IAM and VPC security.
Solid knowledge of tactics used in offensive cloud operations and modifying them to bypass defenses.
Clear understanding of state-of-the-art security practices in computer and network security.
Experience developing written materials and training assessments for technical audiences.
Collaboration experience with e-learning specialists or interactive training solutions.
Understanding of adversary kill-chain and exploitation scenarios.
Basic knowledge of scripting languages such as PowerShell, Bash, or Python.
Experience in incidents management, vulnerability checking, risk handling, threat analysis, and network monitoring.
Desire to learn and share knowledge within the team.

💡 Responsibilities

Develop educational curriculum on red team/offensive tactics and blue team DFIR strategies specific to cloud technologies.
Create learning materials including functional exercises, written lessons, simulated attack scenarios, and assessments.
Architect cyber range scenarios that include adversarial tactics and advanced detection strategies.
Install and baseline security monitoring and response technologies in cyber ranges.
Stay updated on the latest offensive strategies and cybersecurity practices.
Assess cloud cybersecurity knowledge, skills, and abilities of individuals and teams.

AWSPythonBashCloud ComputingCybersecurityAzureScripting

Posted 26 days ago