Adversary Research Engineer

AttackIQ

United States
Posted on Wednesday, August 9, 2023
As an Adversary Research Engineer, you will be responsible for producing new insight into existing and emerging adversary activity for evaluating the performance of information security controls. You’re aware of what they’re doing today, and you’d like to create advantages for defenders of all types and skill levels.

Essential Duties and Responsibilities

  • Collect and analyze adversary tactics, techniques and procedures (TTP) of all types from diverse sources.
  • Translate analysis of adversary TTP into the AttackIQ platform content used to evaluate the performance of security control technologies.
  • Assist in communicating detailed technical concepts to a broad audience to further the practice of Threat-Informed Defense.
  • Analyze and deconstruct an adversary's behavior and translate it into Python code for development and implementation.

Professional Competencies

  • Demonstrated understanding of most commonly-deployed information security technologies to support network and endpoint defense — think Palo Alto, Proofpoint, Crowdstrike, Microsoft Defender and beyond.
  • Hands-on skill with common hack, penetration testing and vulnerability scanning tools like Kali, Metasploit or similar when applied beyond the lab.
  • Knowledge of current adversary TTP and how to model behaviors in context of MITRE ATT&CK.
  • Smart, driven, and able to think on your feet in a fast-paced environment.
  • Proficient working knowledge of Python data structures and algorithms, and the ability to write clean, well-documented, and efficient Python code.
  • Experienced in effectively communicating research findings through engaging and informative blog posts and webinars.
  • Significant experience in a security operations center (SOC), incident response, red team, threat research, or a similar role is a huge plus.

Required Experience and Skills

  • Bachelor’s degree with 4-8 years' experience in either an offensive or defensive cybersecurity capacity, or equivalent total experience in the information security space.
  • Exceptional written, oral, presentation and interpersonal skills.