Senior Security Engineer - Research

Helsinki, Finland


The Senior Security Engineer in Cyber Security Labs is responsible for researching and implementing cybersecurity defense mechanisms that protect CUJO customers. The person is responsible for identifying cyber threats, researching protection mechanisms, implementing those mechanisms and guiding global teams to ensure the effectiveness of the implementation. The person helps identify gaps in the CUJO AI Security Platform and provides a path to remediation through research, investigation, and proof of concept (POC) development.

Main responsibilities

  • Primary focus on IoT Security and IoT device detection and behavioral analytics automation
  • Emerging threat analysis
  • Gaining insights & know-how of evolving attack techniques
  • Identify new threat TTPs and signatures used by cyber threat actors and develop primary research based on that information. Track emerging attacker methodologies. Describe threat actors or actor groups
  • Analyze malware and attacker tools to assess their functionality, origin and purpose
  • Maintain up-to-date awareness of computer network exploitation and attack tools and tradecraft, threats and vulnerabilities, and respective countermeasures
  • Research technologies and test ways to take abstract ideas and design rapid prototype proof of concepts
  • Build prototypes using existing product capabilities and document product requirements
  • Work with the firmware team to implement mechanisms that collect the relevant data from network flows, and assist in putting protection mechanisms in place on netflow
  • Work with the machine learning (ML) team to build models that detect threat patterns in that data
  • Research, develop, implement, test and document tools, techniques and tactics used by adversaries to compromise and maintain control of assets
  • Contribute to the infosec community through papers, blogs, and presentations
  • Collect open-source information for aggregation into our intelligence repository
  • Predict and extrapolate attack trends ahead of their occurrence
  • Develop robust countermeasures and mitigation prototypes
  • Maintain substantial knowledge of state-of-the-art security principles, theories, attacks, etc., and contribute those insights to internal and external stakeholders
  • Participate in the development of intellectual property
  • Identify promising new security technologies by attending conferences e.g. DEF CON, Black Hat & the Chaos Communication Congress (CCC)
  • Support the CUJO AI platform content marketing and PR efforts with real-time analysis of breaches and attack vectors

Technical competencies

  • In-depth experience with security threats, vulnerability research along with practicing security development lifecycle practices
  • Knowledge of adversarial tools, techniques, and procedures within the context of the ATT&CK framework or equivalent
  • Reverse engineering skills
  • Intermediate programming skills in Python or a similar language. Familiarity with development tools such as Git and Jira
  • Solid knowledge of log analysis tools & techniques
  • Experience investigating threats, using OSINT to investigate the attacker’s infrastructure, identify TTPs, and provide context on the attacker’s targets and motivations
  • Expert knowledge of the cybersecurity concerns facing large enterprises, small & medium business and home consumers
  • Security-relevant context with standard protocols: TCP/IP, HTTP, DNS
  • Experience with malicious code analysis: be able to examine malware, capture behavior, identify patterns to place into malware families
  • Technical expertise in network defense technologies, the cyber kill chain, forensic tools, threat intelligence, and active defense technologies
  • Hands-on experience with system investigation tools such as Wireshark, tcpdump, Bro, Metasploit, Nessus/OpenVAS, Scapy, etc.
  • Deep understanding of vulnerabilities, exploits, and the latest attack vectors
  • Ability and desire to work across Technology, R&D, Product and Marketing teams. This is not meant to be a siloed research-only position
  • Development of exploitation and mitigation techniques
  • Knowledge of computer architecture: CPUs, SoCs, chipsets, BIOS, firmware, drivers, and others
  • Experience with the analytical tools and capabilities used in the cyber intelligence area
  • An understanding of the current and developing IoT landscape (technologies/services) and the cyber threats that are used to compromise these technologies and services
  • Expertise in architecting, strategizing and evangelizing advanced security countermeasures for products is valuable
  • Ability to research, author, and present technical security concepts
  • Proficiency in C and one or more scripting languages
  • Experience in developing research infrastructure and tools in Python

Behavioral competencies

  • Ability to normalize and analyze large datasets, often in unstructured formats
  • Ability to understand new concepts quickly and apply them accurately in an evolving, dynamic environment
  • Demonstrable passion for cybersecurity including continual learning about new security controls, adversary tools, and offensive techniques
  • Ability to work autonomously in a less-structured, startup-type environment
  • Ability to efficiently collaborate with cross-functional teams
  • Strong team player with a can-do attitude and a drive to take ownership and initiative

Benefits and Perks

  • Responsibility, the opportunity to contribute and learn, and the possibility to advance
  • Offices across the world
  • Flexible working hours
  • Opportunity to learn from highly skilled colleagues
  • Ambitious projects and meaningful cause
  • Calm and focused environment
  • Conferences, training, books – anything for your development
  • Benefits package that includes Health Insurance, snacks, and more!