ExtraHop is on a mission to protect and propagate trust by revealing the cybertruth: the truth about the attackers already inside an organization’s network, the truth about what they’re doing, and how to stop them at top speed. We partner with every customer, every day, to reveal it. Are you ready to join us?

We are ExtraHop. We’re on a mission to provide security teams with the intelligence they need to confront and stop advanced threats like supply chain attacks, zero day exploits, and ransomware attacks. Attackers still have the advantage. We’re taking it back with creativity, intellectual curiosity, and a sense of humor. Are you ready to help us reclaim the upper hand?

Do you like securing complex networks? Want to be a part of a collaborative team that builds solutions that protect some of the biggest networks in the world? ExtraHop is seeking a Senior Security Engineer experienced with threat detection and networking to grow our world-class Threat Research team.

We are looking for a self-starter that enjoys investigating cyber attacks and how adversaries are traversing the network for lateral movement. You must have a strong understanding of the attack lifecycle and a deep desire to stop attackers before they can do damage.

Duties & Responsibilities

Reproduce and analyze network-based cyber attacks, including vulnerability exploitation and lateral movement.
Communicate in writing research findings to detection engineering and collaborate in writing detectors to detect cyber attacks.
Mentor and teach less experienced security engineers about cyber attacks, malware analysis, vulnerabilities research, or other areas of expertise.
Work with management and other team members to improve analysis and detector development processes.

Required Skills & Experience

Bachelor’s degree or equivalent experience in cyber security, computer science, engineering, or network forensics.
Experience in penetration testing, red teaming, or capture the flag competitions that include hands-on execution of attacks and vulnerability exploitation.
Experience in writing or working with signatures (Suricata or Snort) or machine learning intended to detect network-based cyber attacks.
Strong understanding of network security and networking basics, including the OSI model and excellent working knowledge of the key protocols from Layer 2 through Layer 7, including IP, TCP, UDP, and HTTP.
Good communication skills with the ability to clearly communicate in writing technical details about attacks.
Strong working experience in using Wireshark, TShark or other network analysis tools.
Strong working experience with Python or equivalent scripting languages.

Desired Skills & Experience

3 years of professional experience as a Threat Researcher, Penetration Tester, or Vulnerability Researcher.
Familiarity with MITRE’s ATT&CK Framework.
Familiarity with VM and container technologies for setting up ephemeral environments for research.
Familiarity with Windows protocols and reconnaissance and lateral movement techniques in Windows environments.
Knowledge of various signature frameworks, including YARA, ClamAV, JA3, and JARM.

All R&D Employees will be required to attend 2 mandatory in-person events every year of approx. 4 days duration.

$136,000- $180,000 + benefits

Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or assume sponsorship of an employment Visa at this time.

#LI-CS1

#remote

ABOUT EXTRAHOP

ExtraHop is the cybersecurity partner enterprises trust to reveal the unknown and unmask the attack. We’re on a mission to protect and propagate trust by revealing the cybertruth, and we partner with every customer, every day, to uncover it. Our Reveal(x) 360 platform is the only network detection and response solution delivering the 360-degree visibility needed to see everything on the network. When organizations have full network transparency with ExtraHop, they can see more, know more, and stop more cyberattacks.

ExtraHop is recognized by leading organizations for both its innovation in the market and its commitment to building a world-class team. We’ve been recognized as a “Customer’s Choice” by Gartner Peer Insights™ Voice of the Customer, and as a Leader in the Forrester Wave®: Network Analysis and Visibility, Q2 2023. ExtraHop has won AI Breakthrough Awards four times (2018-2020, 2023) and our Channel Partner program has received a 5-star rating from CRN for our 2023 Partner Program Guide. Our flagship product, Reveal(x), has received numerous accolades, including a 2022 Edison Award for Cybersecurity.

Benefits/perks listed below may vary depending on the nature of your employment with ExtraHop and the country where you work.

Health, dental, and vision benefits
Honor System PTO and 9 Holidays (US only) + 3 Days of Paid Volunteer Time
Non-Commissioned positions are eligible to participate in annual discretionary bonus plan
FSA and Dependent Care Accounts + EAP where applicable
Educational Reimbursement
401k with employer match or Pension where applicable
Pet Insurance (US only)
Parental Leave (US Only)
Hybrid and Remote Work Model

*Candidates should note that the Company may modify reporting relationships, job titles and compensation, including commissions and benefits, from time to time at its sole discretion, as it deems necessary, with or without prior notice.

We are intentional about our culture, diversity, and inclusion, and we welcome everyone to come ready to participate in contributing to this truly unique environment. At ExtraHop, we believe that the best products, services, and companies are built by strong teams that include a diversity of backgrounds, perspectives, ideas, and experiences. We are committed to supporting and enabling growth and opportunity for every employee at every level. This is the foundation of our success.

We are equally committed to equal employment opportunity, and it is foundational to how we recruit and hire our talented team. Employment is determined based upon capabilities and qualifications without discrimination on the basis of race, color, religion, sex, gender identification and expression, marital status, military status, pregnancy (including but not limited to potential pregnancy and pregnancy-related conditions), sexual orientation, age , national origin, ancestry, citizenship or immigration status, disability ,, genetic information, or any other protected class as established by law.

Our people are our most important competitive advantage, leading the charge cyber criminals and insider threats.

Ready to join us? #Extrahop #Security #NDR #informationsecurity #cybersecurity #cloudsecurity #infosec #LI-Remote

Apply for this Job

* Required

First Name *

Last Name *

Email *

Phone *

Resume/CV *

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

Cover Letter

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

When autocomplete results are available use up and down arrows to review

+ Add another education

Address: City and State *

LinkedIn Profile

Website / Portfolio

GitHub

Are you able to work in the United States? *

Will you now or in the future require sponsorship for employment visa status (e.g. OPT, H-1B visa status)? *

Are you legally authorized to work in the country of the job for which you're applying, without sponsorship? *

Have you ever worked for our company before? *

Date Available

Salary Desired

How did you hear about this employment opportunity at ExtraHop?

ExtraHop Job Applicant Privacy Notice *

Click to view and acknowledge in drop down below

I certify that the information given by me to ExtraHop Networks is true and complete to the best of my knowledge. I authorize ExtraHop Networks to contact any and all references given on my application for employment. If employed, I understand that my employment is "at-will", entered into voluntarily for an indefinite period of time, and can be terminated at any time for any reason at the discretion of either myself or ExtraHop Networks. *

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in ExtraHop’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Gender

Are you Hispanic/Latino?

Please identify your race

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status

Voluntary Self-Identification of Disability

Form CC-305

Page 1 of 1

OMB Control Number 1250-0005

Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

Alcohol or other substance use disorder (not currently using drugs illegally)
Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
Blind or low vision
Cancer (past or present)
Cardiovascular or heart disease
Celiac disease
Cerebral palsy
Deaf or serious difficulty hearing
Diabetes
Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
Epilepsy or other seizure disorder
Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
Intellectual or developmental disability
Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
Missing limbs or partially missing limbs
Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
Partial or complete paralysis (any cause)
Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
Short stature (dwarfism)
Traumatic brain injury

Disability Status

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Our system has flagged this application as potentially being associated with bot traffic. Please turn off any VPNs, clear your browser cache and cookies, or try submitting your application in a different browser. If this issue persists, please reach out to our support team via our help center.

Please complete the reCAPTCHA above.

Sr. Security Engineer - Threat Research

Apply for this Job

Voluntary Self-Identification

Voluntary Self-Identification of Disability