Security Researcher - EDR

Posted:
10/9/2024, 12:14:28 AM

Location(s):
Karnataka, India

Experience Level(s):
Junior ⋅ Mid Level

Field(s):
IT & Security ⋅ Software Engineering

Job Title:

Security Researcher - EDR

About Trellix:

Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s comprehensive, open and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at  https://trellix.com. 

Role Overview:

Security Researcher

About the role -

  • Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols.

  • Author detection rules for behavior-based detection engines.

  • Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience.

  • Write generic threat detections based on static and dynamic detection engines.

  • Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework.

  • Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset.

  • Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives).

  • Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection.

  • Develop alerting, reporting, and automated detection solutions.

  • Build tools and automation to improve productivity.

About you -

  • 3+ years of experience writing detection using Snort, Yara, Sandbox, or proprietary detection engines.

  • 2+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools.

  • 2+ years of experience querying and analyzing (for malware/TTPs) large datasets.

  • Experience in programming or scripting languages (e.g., Python, PowerShell).

  • Experience in utilizing various malware analysis tools and frameworks (e.g., IDA Pro).

  • Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS.

  • Excellent verbal and written communication skills in English.

Company Benefits and Perks:

We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

  • Retirement Plans
  • Medical, Dental and Vision Coverage
  • Paid Time Off
  • Paid Parental Leave
  • Support for Community Involvement

We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Trellix

Website: https://trellix.com/

Headquarter Location: San Francisco, California, United States

Employee Count: 1001-5000

Year Founded: 2022

IPO Status: Private

Last Funding Type: Venture - Series Unknown

Industries: Cyber Security ⋅ Information Technology ⋅ Network Security