We are seeking a highly skilled and motivated Cyber Security Researcher specializing in host security with a passion for cyber-attack analysis and broad experience in protecting Linux-based systems and networks from cyber threats.
As a member of our AI & DE & Cybersecurity team, you will play a crucial role in innovating new features and techniques to enhance malware protection, early threat detection, and automated incident response on Linux-based edge servers and IoT environments. Your expertise in implementing advanced detection algorithms, particularly based on eBPF and other modern techniques, will be instrumental in securing our AI EdgelLabs product.
Essential position responsibilities:
- Research and Implement Detection Algorithms: Conduct in-depth research on various host-based attacks, such as command injection, code injection, LFI, RFI attacks, XXE attacks, path traversal, SSTI attacks, file upload attacks, remote code execution, and reverse shell attacks. Leverage your expertise in eBPF and other cutting-edge techniques to design, develop, and implement effective algorithms to detect and mitigate these threats.
- Malware Analysis and Signature Development: Analyze malware threats to identify key characteristics and behaviors. Develop signatures, rules, and indicators of compromise (IOCs) to detect and block malicious activities effectively.
- Develop Tools and Techniques: Create and maintain custom scripts, plugins, and sandboxes for malware detection and analysis purposes. Continuously improve and update these tools to keep up with evolving cyber threats.
- Network Traffic and Payload Analysis: Conduct thorough research and analysis of network traffic and payloads to identify and understand emerging malicious activities and threats.
- Machine Learning and AI Integration: Collaborate with data scientists and machine learning engineers to collect and prepare relevant data sets for training machine learning models. Assist in developing, testing, and deploying machine learning algorithms for malware detection and classification.
- Security Solutions Evaluation: Continuously assess the effectiveness of existing security solutions and technologies. Based on real-world threat analysis and trends, provide recommendations for improving our security posture.
- Vulnerability Assessment and Penetration Testing: Perform hands-on pentesting and hacking to assess vulnerabilities in our systems. Utilize tools like Metasploit, Nmap, and Burp Suite to identify potential weaknesses and propose meaningful mitigation strategies.
- Security Incident Response: Assist in security incident response activities and technical investigations to train our autonomous Cyber AI. Share insights and recommendations to enhance incident response procedures.
- 3+ years of Cyber Security Research experience with a focus on Linux OS, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.
- Proficiency with eBPF and framework based on eBPF (Falco, bpftrace, bcc, etc.)
- Proficiency in malware analysis tools and techniques, including dynamic and static analysis, reverse engineering, and memory forensics.
- Familiarity with malware sandboxing tools and virtual machines.
- Hands-on experience in pentesting and hacking. Familiarity with vulnerability assessment and penetration testing tools such as Metasploit, Nmap or Burp Suite.
- Basic knowledge of security issues associated with containers, Kubernetes, Distributed Systems, and Linux of large-scale web applications.
- Hands-on programming experience in Python, Golang, Bash, or any other programming language.
- Experience building IoT/OT, Edge, and network security solutions.
Would be a big plus:
- Knowledge and understanding of vulnerability identification and remediation.
- Knowledge of IoT cloud networking architecture, operations, security.
- Knowledge and understanding of information security industry standards and government regulations.
- Solid knowledge of the TCP/IP stack and networking technologies.
- Experience with network security technologies, including firewalls, intrusion detection/prevention systems, and endpoint protection solutions.
- Knowledge of the MITRE ATT&CK framework and Cyber Kill Chain.
- Knowledge of IoT cloud networking architecture and operations, security.
What we can offer:
- Unique working experience on an Autonomous Cyber AI solution for Edge and IOT environments.
- Competitive salary.
- All other perks and benefits.