Vehere - Security Researcher (8-10 yrs)

Job Summary :

You will be part of the team that develops Vehere's next generation security product.

Our ground breaking technology, services delivery, and intelligence gathering together with our innovations in machine learning and behavioral-based detection, allow our customers to not only defend themselves, but do so in a future-proof manner.

The team is responsible for researching the software vulnerability and malware, simulating cyber-attacks and developing the detection solutions to Vehere's NBAD and PCAP solution.

As a member of this team, you have the opportunity to work on different projects to enable customers to have full visibility on their network as well as prevent cyber-attacks.

Key Roles and Responsibilities :

- This role is aimed to build and develop an understanding of a variety of threats and build systems to create defence mechanism against them. This may also include understanding how well we do, given a body of samples under a variety of configuration settings.

- This role will create the rules, content-packs and hunting triggers for Vehere's next generation security product. This involves tracking capabilities of new and existing public cloud services and understanding how adversaries may exploit these resources to advance their modes of interest.

- The role also involves mapping industry-standard compliance standards onto public cloud infrastructure, to provide customers insight into cloud hygiene and compliance.

- This person will be required to gather the data, analyze the data using machine learning or otherwise, identify its criticality, build models with the help of SMEs and automate simple tasks.

- They will also be responsible for troubleshooting issues with current data and making enhancements.

- Adhere to high quality work standards.

- Responsible for maintaining Confidentiality, Integrity and Availability of Vehere's information assets including business critical information.

Skills and Experience :

- Minimum 8 years of researching threats and adversaries at least in one of the public cloud services (AWS, Azure or GCP).

- Tracking and researching release of new cloud resource types and services, with a focus on security risk and attack surface expansion.

- Research mind-set, with a hold on where to look for relevant information pertaining to cloud threats, vulnerabilities and key adversaries' modes of interest.

- Coordinating with Security SMEs to build hunting rules and triggers, which focus on adversary activity within the cloud control plane.

- Handle Customer escalations, to identify False-Positive & False-Negative.

- Data discovery and validation (Data efficacy & Accuracy).

- Good understanding of public cloud resource and control plane threats and vulnerabilities.

- Experience of running cloud security research projects.

- Programming/scripting knowledge for automating day to day tasks - Python, Scala and Linux shell.

- Ability to communicate, collaborate with engineers and security researchers.

- Familiarity with common security compliance standard.