What will you do?
You will proactively look for the newest and most sophisticated attack techniques, deeply research and understand their internals, and emulate these attacks in order to assess and improve our detection engines.
You will be conducting a comprehensive analysis of potential attack paths within diverse systems and networks in cloud environments. You will be responsible for identifying and prioritizing potential vulnerabilities and weaknesses that could be exploited by cyber adversaries.
You will build tools to support detection assessments, create proof-of-concepts for the newest techniques & exploits, and develop automation flows to automate unconventional attacks and offensive frameworks.
You will work closely with our Threat-Intelligence team and our research and engineering detection teams to provide guidance and expertise in attack path analysis.
You will be responsible for writing detection content for attack path scenarios and threats and checking for false positive rates.
Experience in cloud attack path analysis, vulnerability assessment, and threat modeling.
Familiarity with cloud services, Kubernetes, cloud architecture, and major cloud providers (AWS, GCP, Azure).
In-depth understanding of the cloud ecosystem, security principles, services, configurations, best practices, and relevant frameworks.
2+ years of experience in Red Teaming / Offensive Research / Penetration Testing with deep understanding of OS internals (Windows/Linux).
Hands-on experience with coding in Python and C/C++.
Deep understanding of the malware world (how malware operates, infamous families, evasion and exploitation techniques).
Advantage
Experience in malware analysis (statically and dynamically) and reverse engineering (x86/x64).
Understanding of the internals of existing AVs.
Experience writing detection signatures/heuristics.