Senior Threat Researcher

Sorry, this job was removed at 1:34 p.m. (MST) on Wednesday, June 27, 2018

Senior Threat Researcher
Waltham or Remote

Why Carbon Black?

At Carbon Black, the leading provider of next-generation endpoint security, you'll have the chance to make an impact in the ever-evolving cybersecurity space. Our advanced technology tackles even the toughest challenges and stays ahead of the latest threats. If you want to join an agile company that's building bleeding edge technology in the cloud, Carbon Black is the place for you. Driven by passionate people who are dedicated to making the world safer, it's no wonder we've been named a "Top Place to Work" by the Boston Globe for four consecutive years. Join us!

Why You Matter

Carbon Black, the leader in advanced threat protection, is seeking a Senior Threat Researcher. This is a senior level position in Cyber Security, targeted toward individuals with more than 10 years of experience. Educational and personal experience with network/systems administration and/or information security related work is necessary. Expert understanding of modern defensive and offensive security tools, techniques and methods required.

Senior Threat Researchers at Carbon Black are responsible for leading, conducting and presenting threat research done by the Threat Analysis Unit (TAU) and for building systems used across our security program. This includes a strong understanding of endpoint detection, cloud technologies, security operations, the current threatscape and emerging threats. Senior Threat Researchers are also expected to provide mentorship to other members of the team, and to take the lead in maturing procedures, evaluating new security technologies, incident response, penetration testing, and prototyping and experimenting with new ideas and technologies to improve both our product and services.

What You'll Do

  • Perform security research, handle complex security events, analyze incident response, and coordinate with other teams.
  • Ensure that we are implementing best practice security policies that address the client's business need while protecting their vital corporate assets
  • Work closely with internal and external customers for product and service improvements.
  • Take ownership or support ongoing projects by assisting in the implementation, research, testing and documentation of security related projects.
  • Dig through mountains of real world data to help build a massively scalable, automatically updating Threat Intelligence Ecosystem.
  • Research anomalies to uncover new threat actor groups, malware, vulnerabilities, tools, and techniques.
  • Share data and expertise with private and public communities.
  • Create custom rules for dissemination into the Carbon Black product suite.
  • Maintain knowledge of emerging security technologies and discipline developments. Research and manage the implementation of new technologies to enhance our products and customers' security postures.
  • Manage and lead evaluations conducted by external third parties, including vulnerability assessments, product efficacy and penetration tests. Respond to reported product security vulnerabilities and bypasses.
  • Serve as subject matter expert (SME) and tier three support for security team members as they manage security events and incidents.
  • Be the voice of the Research team to Product Marketing and Engineering, enabling them to respond to real-world customer demands and capabilities.
  • Train and mentor security leaders and managers, security operations teams, threat intelligence groups and incident responders, including team members outside of the TAU group.
  • Actively participate in the Carbon Black User-Exchange community as a subject matter expert, presenting in forums, online and at conferences.

Technical Skills / Experience:

  • Advanced skills in Windows, Linux, and/or OSX
  • Experience with a number of the following is a requirement: Unix shell scripts, Perl, Python, PowerShell, C#
  • Endpoint Security (e.g. Carbon Black Protection, Carbon Black Response, Symantec, McAfee, Forefront)
  • Windows Management (e.g. WSUS, SCCM, SCOM, Active Directory, Group Policy Objects)
  • Vulnerability Management (e.g. Nexpose, Tenable Nessus, Qualys)
  • Penetration Testing Tools (e.g. Metasploit, Backtrack, Kali) and offensive techniques
  • Operating Systems (e.g. Windows Desktops and Servers 2008/2012 etc, CentOS/Ubuntu/Debian Linux, OSX)
  • Ability to translate descriptions of attacks or malware techniques into proof of concept demonstrations for testing and product improvement.
  • Experience with building and/or managing large scale virtualized attack "firing ranges" a plus

What You'll Bring

  • Understanding of exploits and attacks against Windows, Linux and OSX systems.
  • Windows system internals experience
  • Knowledge of x86 and x64 instruction set architectures
  • Ability to use IDA Pro for reverse engineering, as well as other debuggers, hex editors, and disassemblers
  • Understanding defensive capabilities and how attackers bypass them
  • Understanding of anti-analysis techniques and how to work around them.
  • Experience creating and/or developing analysis environments
  • Ability to analyze malware and extract indicators and feed them back into the products
  • Understanding the threat landscape and latest attack techniques
  • Strong analytical skills to define risk, identify potential threats, and develop an action/mitigation plan, and an ability to communicate these concepts to technical and non-technical audiences
  • Strong interpersonal skills, ability to mentor/train staff and bring awareness to current and emerging threats
  • Certifications a plus: CISSP, SANS GIAC Certifications (GCIH, GPEN, GSEC, etc.), OSCP/OSCE
  • Strong written and verbal communications skills with an ability to present technical risks and issues to non-technical audiences

Who We Are

Carbon Black is the leading provider of next-generation endpoint security. Carbon Black's Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, "Streaming Prevention," to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 13 million endpoints under management, Carbon Black has more than 3,600 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks. 

Carbon Black, Inc. is an EEO/AA employer. Carbon Black is an inclusive employer that believes in workplace equality, supports diversity, creates a welcoming environment, and respects the unique qualities each individual brings to the company.

 


Location

Located in the Pearl Street Mall, it’s a prime location for employees who like to hike, enjoy great restaurants, or love to grab pints at the brewpub.
