Security Research Engineer

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

We are seeking a highly skilled and driven Security Research Engineer to join our Vulnerability Detection Signature Research team. In this role, you will lead efforts to research, develop, and deliver detection signatures for our vulnerability scanning products. As part of the sustenance research team, you will play a critical role in resolving vulnerability scanning and detection issues that affect our customers. You’ll ensure expert handling of customer concerns, including managing technical escalations. Success in this role requires close collaboration with cross-functional teams to address complex challenges. A strong technical background in vulnerability management, scanning tools, and security best practices is essential, along with a proven ability to troubleshoot and resolve customer-facing issues effectively.

Responsibilities 

• Development, implementation, and continuous improvement of vulnerability detections and scanning processes for customers
• Investigate, analyze, and troubleshoot vulnerability detection issues reported by customers, then modify the code to resolve these problems. 
• Build automation for day-to-day tasks. 
• As a Security Research Engineer, you will also dedicate time to staying up-to-date with the latest vulnerabilities, attacks, and countermeasures 
• Externalize research by writing blog posts, presenting at security conferences, etc. 
• As a Security Research Engineer, you would also work alongside information security engineers to execute internal projects. 

Qualifications 

• 3+ years of industry experience in network and systems security
• Demonstrated experience with vulnerability scanning tools and vulnerability management processes
• In-depth knowledge of protocols such as TCP/IP, HTTP, FTP, SSH and SSL
• Strong understanding of common security vulnerabilities (e.g., OWASP Top 10, CVEs, etc.) and their remediation
• Experience with scripting languages, including Python and Bash 
• Experience with network analysis tools, analysis of packet captures. 
• Proficient with regular expressions. 
• Ability to shift priorities as needed and demanded by the customer requirements
• System administrator experience on Windows or Unix platforms
• Strong understanding of VPN, Firewalls, Intrusion detection systems (IDS)
• Proven ability to manage customer escalations and deliver effective solutions under pressure
• Excellent written and verbal communication skills

Additional Plus Competencies 

• Understanding of Lua (preferred), Java. 
• Knowledge of Virtualization software (VMWare, Virtual PC/Virtual Box, XEN, etc) 
• Experience in cloud security (AWS, Azure, GCP) and containerized environments (Docker, Kubernetes). 
• Able to handle projects independently 
• Experience in developing security-related tools/programs. 
• OSCP, CISSP or SANS GIAC certifications