Senior Security Researcher - CTU Operations - Dell Secureworks - Bucharest, Romania
Bucharest, Romania | Job ID R028704 | Date posted Aug. 09, 2019
Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world. Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day across 4400 clients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.
Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
This role involves joining the world-class Dell Secureworks Counter Threat Unit as part of the Security Operations team. This team focuses on creating countermeasures from malware and vulnerability research, identifying threats and trends by analyzing millions of security events using technologies such as VLDB and Palantir, and providing subject matter expertise and context around security issues to customers and to internal and external partners.
The successful candidate will possess deep technical knowledge, a passion for security, strong problem-solving abilities, and the ability to work effectively both as an individual and with others. The CTU prizes innovation and encourages team members to find novel ways to solve problems. Information security is a cross-discipline endeavor and we look for individuals from a wide variety of backgrounds, as long as they possess good tech knowledge and the drive to thrive.
Responsibilities include, but are not limited to, the following:
- Proactively identify and characterize new threats, vulnerabilities, and risks to customer security context
- Apply threat research to create customer protections to include documenting, developing, testing and optimizing security countermeasures
- Provide customers with understandable context around their security environment and threats
- Handle and respond to top tier security escalations from our Security Operation Center (SOC) and Consulting teams
- Produce and deliver intelligence products to internal teams and customers in the form of briefings, reports, and presentations
- Provide mentorship to Dell Secureworks team members and customers on security strategy, tactics, techniques, and procedures
- Innovate and execute on short-to-moderate term projects
- Enhance the CTU and the Information Security community as a whole by public speaking and other service
- Graduate degree in Information Security, Computer Science, or other applicable field with relevant research and/or 2-4 years of relevant experience; or undergraduate degree in Information Security, Computer Science, or other applicable field plus 4-8 years of relevant experience; or 6-8 years of relevant experience or equivalent combination of education and work experience
- 2+ years of experience in information security, with Network IPS/IDS, especially Snort-based, preferred
- 2+ years of experience in systems administration, systems engineering, software development, network engineering or related fields
- 2+ years of experience in programming
- 1+ years of experience with Host-based IPS/IDS, especially Red Cloak preferred
- Knowledge of common vulnerabilities, exploits, and mitigations
- Experience with standard security devices including firewalls, proxies, IDS/IPS, Web Application Firewalls
- Ability to research and characterize security threats including creating appropriate countermeasures
- Ability to create and query SQL databases
- Technical knowledge of fundamental internet protocols, services, and technologies to include HTTP, TLS, DNS, SMTP, TCP/IP, ICMP, AJAX, JSON, REST
- Unimpeachable personal and professional integrity
- Experience in one or more of the following:
  - Penetration Testing
  - Reverse Engineering for either vulnerability discovery/assessment or malware analysis
  - Incident Response
  - Discrete mathematics and common cryptography algorithms
- Recognized expertise in at least one aspect of information security, to include significant publication and/or presentation of a research topic to public forum, conference, or journal
- Demonstrated track record of identifying and pursuing strategic and complex areas of security research in collaboration with internal and external stakeholders at all levels, to include defining appropriate policies, practices, and countermeasures
- Courage and willingness to challenge conventional wisdom
- Strong technical communication skills, both written and verbal
- Effective time management and organizational skills
- CISSP, GIAC, SSCP, or CEH certification preferred
Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.