Monday, March 29, 2010

Recruiting: Threat Analyst @ Damballa

OK readers, I've got a role open right now in the Damballa research team for a Threat Analyst.

If you think you know your bots from your APTs, and your script-kiddies from your cyber criminals, then it's time to take the plunge and join the coolest threat research team out there and make a real difference to Internet security.

Drop me an email if you're interested in the role...


Job Position: Threat Analyst
Job Area: Research

Internet security is evolving at an increasingly rapid pace. As the thrust and parry of attack vectors and defensive tactics force technologies to advance, the biggest security threat now facing enterprise organizations lies with botnets. The Damballa Research team spearheads global threat research and botnet detection innovation.

Damballa’s dedicated research team is responsible for botnet threat analysis and detection innovation. From our Internet observation portals, and using the latest investigative technologies to intercept and capture samples, the research team studies the techniques employed by criminal botnet operators to command and control their zombie hordes – mapping their spread and evolution – and developing new technologies to both detect and thwart the threat.

As a Threat Analyst you would be part of the team responsible for providing the threat intelligence that powers the core technologies of Damballa’s products – working with massive threat intelligence collections and cutting-edge botnet detection technologies.

The rapid evolution of the threat means that, as a Threat Analyst, you will also need to be able to deep-dive into the botnet masters' lair – turning over the rocks they hide under and visiting the online portals they do their business in – and be capable of analyzing the evidence of their passing. A key to being successful in this role is the ability to provide internal departments and customers with comprehensive intelligence on newly uncovered botnets and other targeted threats – and to be able to communicate the threat in a clear and concise manner.

Collaborating with the marketing and engineering teams, the Threat Analyst will often need to craft scripts to automate the extraction of botnet intelligence and make it available to the company’s other technologies and its knowledgebase, as well as respond to ad-hoc requests for malware analysis, driven by business and client needs, to determine characteristics and functionality and/or recommend countermeasures.

The position may entail interaction with the media following the successful outcome of directed research or response activities.

• Intelligence gathering and updating of Damballa threat knowledgebases
• Responding to customer queries for deep-dive information on particular botnets and malware
• Independent threat analysis and data mining of new botnet instances
• Investigation of new botnet command and control tactics and subsequent enumeration of botnet operators
• Focused analysis of botnet outbreaks within enterprise and ISP networks
• Contribution to research and commercial papers describing the evolving botnet threat

Skills & Experience:

• Experience as a cyber-threat analyst, or similar technical consulting role
• Good understanding of TCP/IP networking and security
• Strong script building and automation skills
• Database query formulation and stored procedure manipulation
• Ability to troll underground Internet forums and criminal sites/portals for new botnet intelligence

• BS or MS in Computer Science, Engineering or Physical Sciences
• 3+ years of IT industry experience with 2+ years of Internet security experience
• Proficient in multiple compiled and scripting languages (Perl, Python, Ruby, Java, C, etc.)
• Proficient query design in relational databases (Postgres/pgsql preferred)
• Excellent formal communication and presentation skills
• Ability to read and translate multiple international languages a bonus
