Remote Security Researcher

Summary

Join BeyondTrust as a Sr Staff Security Researcher and contribute to building a new ITDR and ITSM solution with a security lake at its center. You'll use your deep security domain knowledge to help counter modern identity threats, set a clear vision for the posture recommendation and detection portion of the product, and drive and implement our detection roadmap.

Requirements

• Most important: Deep understanding of security fundamentals
• Experience working and querying SIEM tools or other log-based data
• Experience in engineering event detection & response tuning
• Knowledge of MITRE ATT&CK framework and general adversarial / defensive security techniques
• Ability to engineer creative, scalable, and out-of-the-box solutions
• Up to date with engineering best practices, security technology trends, tools, and frameworks
• Experience in developing detections for attacker tactics, techniques, and procedures (TTPs)

Responsibilities

• Define and deliver innovative solutions for detecting identity-based attacks and vulnerabilities using rule-based analytics, behavioral analytics, and machine learning
• Provide technical leadership to support product and engineering teams developing threat detection and response capabilities
• Explore customer data using spark and other tools to test detection hypotheses
• Implement detections using pyspark and spark sql
• Continuously collect and analyze telemetry from detections in the field and tune them for quality
• Develop ML models to support advanced detections
• Build custom representations of data (e.g. graphs) to support other advanced detections

Preferred Qualifications

• Knowledge of cloud technologies, virtualization, containers, service-mesh
• Big data experience or a willingness to learn!