UnderDefense is built on the understanding that people are the key factor in building effective security and IDR processes, and that cutting-edge tools are what prevent and respond to the latest attacks. We cultivate the next generation of cybersecurity practitioners.
1 April 2021

Security Researcher R&D (vacancy inactive)

Lviv

Required skills

Experience
If you have spent a few years on a malware analysis team or on a red team, that is awesome: you are our candidate
Experience with MITRE ATT&CK and with how a SOC team works and reacts will help a lot
Hands-on experience with Cobalt Strike, PowerShell Empire, PowerSploit, Metasploit, AutoSploit, Venom, PivotSuite, Responder
Have seen a DGA and a Command and Control (C2) console in practice
In-depth knowledge of network protocols: WinRM, WMI, HTTP/S, SMB, DNS, ICMP, TCP/UDP
Fundamental understanding of security tools such as SIEM, IDS/IPS, web proxies, DLP, CASB, DNS security, DDoS protection, and firewalls
Knowledge of Microsoft Windows systems, including Active Directory, and of Unix systems
Knowledge of attack vectors, threat tactics and attacker techniques. Experience applying the MITRE ATT&CK matrix
Experience analyzing and inspecting log files, network packets, and other security tool output from multiple system types
Familiarity with basic reverse engineering principles and an understanding of malware, rootkits, TCP/UDP packets, and network protocols

Nice to have

Flare-On badges or OSCP
Strong Python skills
English and the communication skills to get an idea across clearly
Demonstrable attention to detail, creative problem-solving, and persistence in your work product
Comfortable working in a fast-paced, multi-tasking environment

We offer

Becoming part of a startup success story
18 days vacation, paid sick leave
Competitive salary
Flexible work schedule
Free English lessons
Comfortable office
Exciting work in a dynamic team

Responsibilities

Research the latest CERT and industry reports, threat intel analytics, and TTPs. Drive product vision
Analyze trends/threats and detonate new malicious samples in our lab
Analyze attack patterns, fingerprints, anomalies, and new ransomware techniques
Research and develop new threat detection algorithms that catch lateral movement at scale in a stream analytics platform
Maintain an isolated test/lab environment to run the latest malicious activity and generate artifacts (telemetry, reports, docs, manuals, pcaps)
Consult the development team on implementing new features and functionality for the product
Run and automate attacks and simulations to ensure detections work as expected
Analyze Sigma rules and convert them to the new detection format
Cooperate with our red team to run some of the more complex attacks