Nightfall AI is hiring a
Security Researcher

Summary

The job is for a Security Researcher at Nightfall, a cybersecurity startup. Responsibilities include proactive threat hunting, data exposure detection, blue teaming, exploit and vulnerability research, event correlation analysis, writing blog posts and whitepapers, custom detector development, internal automation projects, staying updated on current threats and trends, and representing the company at events. Requirements are strong scripting, automation, and data analysis skills, threat hunting experience, understanding of tools, tactics and procedures of threat actors, incident analysis and response experience, excellent reporting, analytical, writing, speaking, and presentation skills, understanding of web protocols and web application security, and experience with various data detection and identification techniques.

Requirements

• Strong scripting, automation, and data analysis skills (Python and SQL preferable)
• Hands-on threat hunting experience and experience working with massive data sets, SIEMs, and data warehouses
• Strong understanding of tools, tactics and procedures (TTPs) of threats actors
• Experience in Incident Analysis and Response using industry standard frameworks
• Must be able to validate findings, perform root cause analysis, and deliver recommendations for fixes
• Excellent reporting, analytical, and writing skills to author blog posts and whitepapers
• Strong speaking and presentation skills to present research at live events and conferences
• Strong understanding of web protocols and web application security
• Experience working with various data detection and identification techniques

Responsibilities

• Proactively hunt threats, discover data exposure and leakage, blue team, and perform exploit and vulnerability research, all to find and close holes exploited by bad actors
• Perform event correlation analysis using data gathered from a variety of sources to detect and confirm attacks
• Provide timely detection and alerting of possible exposure, attacks, and intrusions
• Write blog posts and whitepapers related to advanced threat and leakage analysis
• Write custom detectors to discover new instances of data types
• Work on internal automation projects and build tools to aid in threat hunting activities
• Continuously review security bulletins and related news; stay apprised of current threats and trends
• Represent Nightfall at events and conferences