Associate Threat Research Engineer
LogRhythm is looking for an Associate Threat Research Engineer that will help drive the R&D efforts of the LogRhythm Labs team; taking threat research (attackers and their tactics, techniques, and procedures) and turning that into actionable intelligence for our SIEM. This critical role offers the opportunity to join the fastest growing private SIEM solution provider and join a team whose production continues to have a significant impact on the growth of LogRhythm.
Opportunity
This position gives you the ability to expand your career in Incident Response, Threat Intelligence, and Penetration Testing. This role helps organizations do the right thing to protect themselves against malicious attackers. This is an opportunity to work with the most advanced SIEM solution in the world to develop content that operationalizes threat intelligence.
Responsibilities
- Develop content, analytics and detection around threat actors' tactics, techniques and procedures that are deliverable through our daily knowledge base updates
- Research and test new attacker techniques, detection, mitigation and remediation strategies against LogRhythm products
- Leverage LogRhythm product features to quickly and efficiently detect and respond to security events
- Maintain LogRhythm threat detection content for delivery to customers
- Analyze and investigate malicious files, create actionable intelligence from analysis results
- Investigate and track cyber adversaries through open source threat intelligence
- Be an active member in the intelligence community through blogging, forum participation, whitepapers and other dissemination techniques
- Assist the internal security team with analysis and response to advanced security threats
Qualifications
- 1-2+ years of educational or industry experience
- Deep technical understanding of computer operating systems, computer hardware and software and network infrastructure
- Experience using computer security, forensic and threat intelligence tools
- Understanding of vulnerabilities, exploits and the latest attack vectors
- Knowledge of IT infrastructure and its role in security; hands-on experience with host, network, and user technologies, including the analytics that drive them
- Incident response experience a plus, in which you perform in-depth forensic analysis against network data, system data, and log data
- The ability to communicate your ideas via written and verbal communications such as writing blog posts and creating webinar content for delivery to customers
- Experience writing program code and interfacing with web service APIs
- Relevant education that lines up with the work
- Experience using SQL and Elasticsearch databases a plus
- Experience programming in .NET, Python or Go languages a plus