Sr. Threat Researcher (IPS)
SonicWall delivers Boundless Cybersecurity for the hyper-distributed era in a work reality where everyone is remote, mobile and unsecure. SonicWall safeguards organizations mobilizing for their new business normal with seamless protection that stops the most evasive cyberattacks across boundless exposure points and increasingly remote, mobile and cloud-enabled workforces. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.
Ready to do your part in the cyber arms race? SonicWall offers fun, high-energy work environments at the leading edge of technology, networking and cybersecurity. Whether you’re in sales, marketing, engineering, product management, technical support or finance, you’ll have real opportunities to help protect more than 500,000 organizations across the globe. If you’re ready for a career that can impact change — and not just another job — join one of committed and enthusiastic SonicWall teams in offices around the world.
The Software Vulnerability Researcher/Threat Researcher is responsible for the up-to-date Intrusion/Prevention system signature development, network security research and software vulnerabilities evaluation and research as well as to provide oversight and successful execution of information security processes and projects.
· Design, develop and test proprietary software using a range of applicable technologies, including programming languages, compilers, assemblers, debuggers, and reverse engineering for products used in local, networked or Internet-related computer programs.
· Develop Intrusion Prevention signatures based on threat analysis using signature description language. Familiar with CVE vulnerability scoring system.
· Troubleshoot and test (including automation) IPS and Gateway AV engines on firmware. Research new ways to improve Deep Packet Inspection engine.
· Set up IPS and Malware analysis environment for specific threats affecting Windows, Mac OSX, and Mobile OS platforms in a lab environment.
· Reverse engineering and analyze 0-day vulnerabilities and malware threats, discover new vulnerabilities.
· Develop tools to automate IPS and malware analysis tasks, simulation software and administer lab environment to replicate attacks.
· Build new technology to detect and prevent zero-day attacks
A qualified researcher needs to understand most of the network protocols, software security issues and their mechanisms. Broad knowledge in operating systems, network applications, development languages and databases are required. The candidate should have bachelor degree of computer of science and 5+ years of work experience or equivalent background. The following skill set is listed as a reference:
· Network infrastructure, protocols and tools such as TCP/IP, SMTP, HTTP, Wireshark, TCPDump etc.
· Linux/Unix knowledge, such as Ubuntu, Fedora.
· Programming languages such as C/C++, Perl, Python, PHP, ASP, Bash etc.
· Familiar with popular cyber security IDS systems such as Bro/Zeek, Snort or Suricata.
· Database skills such as MSSQL, Postgres and big data database.
· Network Vulnerabilities such as Buffer Overflow, SQL Injection.
· Reverse engineering skills and tools, such as OllyDBG, IDAPro.
SonicWall provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.