SonicWall delivers Boundless Cybersecurity for the hyper-distributed era in a work reality where everyone is remote, mobile, and unsecure. SonicWall safeguards organizations mobilizing for their new business normal with seamless protection that stops the most evasive cyberattacks across boundless exposure points and increasingly remote, mobile, and cloud-enabled workforces. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit https://www.sonicwall.com/ or follow us on Twitter, LinkedIn, Facebook, and Instagram.

Ready to do your part in the cyber arms race? SonicWall offers fun, high-energy work environments at the leading edge of technology, networking, and cybersecurity. Whether you’re in sales, marketing, engineering, product management, technical support, or finance, you’ll have real opportunities to help protect more than 500,000 organizations across the globe. If you’re ready for a career that can impact change — and not just another job — join one of committed and enthusiastic SonicWall teams in offices around the world

Director of Threat Research – Intrusion Prevention

Requirements:

Bachelor’s degree, or foreign equivalent, or MS in Computer Science or related field.
10 or more years of post-baccalaureate experience in hands-on threat research roles.
5 or more years in leadership threat research roles.
Understanding of application layer protocols, such as HTTP, FTP, SMTP, POP3, IMAP, SSL etc.
Ability to analyze network traffic via packet captures.
Professional experience should include the following: Vulnerability research, Reverse engineering, Signature development, Virtual environment setup, IDA Pro, WireShark.
Knowledge of programming languages such as C, C++, Python is a plus as well as x86 ASM.
While the candidate will have people reporting to him, the candidate is expected to have a strong hands-on background and be able to contribute on hands-on projects related to PoC development, infrastructure development, threat analysis, etc.

Responsibilities:

Lead a team of threat researchers.
Perform reverse-engineering for software used in local, networked or Internet-related systems.
Develop Intrusion Prevention signatures based on threat analysis using signature description language.
Develop Application identification signatures based on network traffic analysis and understanding of application layer protocols.
Troubleshoot and test (including automation) IPS and Gateway AV engines on firmware.
Research new ways to improve Deep Packet Inspection engine and work together with software engineering teams to define the next capabilities and enhancements of the DPI engine to combat the next generation of threats.
Set up analysis environment for specific threats affecting Windows, Mac OSX, and Mobile OS platforms in a lab environment.
Reverse engineer and analyze new vulnerabilities and threats.
Develop tools to automate IPS and malware analysis tasks, simulation software and administer lab environment to replicate attacks.
Build new proof of concept technology to detect and prevent exploits targeting zero-day vulnerabilities.

#LI-KB7

#LI-Remote

#Vulnerability research

SonicWall is an equal opportunity employer.

We are committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.

At SonicWall, we pride ourselves on recruiting a diverse mix of talented people and providing active security solutions in 100+ countries.

Apply for this Job

* Required

First Name *

Last Name *

Email *

Phone *

Location (City) *

Resume/CV *

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

Cover Letter

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

LinkedIn Profile

Website

In order to assist us in complying with applicable immigration regulations as we consider candidates for this position, we must ask you the following questions; we will consider your responses only as necessary to comply with immigration regulations and will not consider them for any other employment purpose: Are you authorized to Work lawfully in the United States? *

Would you now or in the future require SonicWall to sponsor employment visa status (such as an H-1) for you to work in the United States? *

What is your salary expectation? *

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in SonicWall’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Gender

Are you Hispanic/Latino?

Please identify your race

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status

Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

Autism
Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
Blind or low vision
Cancer
Cardiovascular or heart disease
Celiac disease
Cerebral palsy
Deaf or hard of hearing
Depression or anxiety
Diabetes
Epilepsy
Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
Intellectual disability
Missing limbs or partially missing limbs
Nervous system condition for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS)
Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

Disability Status

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Please reach out to our support team via our help center.

Director of Threat Research - Intrusion Prevention

Apply for this Job

Voluntary Self-Identification

Voluntary Self-Identification of Disability