Job Details

Emerging Threat Analyst (US citizens only)

CyberCX
About the company

CyberCX is joining forces with one of the most exciting cyber security companies from the United States to deliver projects for the Australian market.

You will be trained to deliver a patented, groundbreaking new approach to cybersecurity that identifies, stops, and prevents threats others miss. This innovative technology outperforms the components of every other network security solution and is solving the biggest challenges for customers today with better security, virtual vulnerability mitigation, reduced alert fatigue and fewer false positives.

About the role

Responsible for digging deep into the world of open source and proprietary threat intelligence, you will work alongside a team of motivated developers, malware analysts, and operators to translate some of the newest and most complex vulnerabilities, exploits, and threats in cyber space into actionable outcomes.

Due to the nature of the work, applicants must be citizens of the United States. Australian government security clearances are desirable, but not required.

Duties
  • Hunt alongside talented threat researchers to find adversary tactics, techniques, and novel attacks within networks and pivot that knowledge to prevent them from succeeding.
  • Utilize open-source research to expand upon current understanding of CVEs, actors, TTPs, malware families, and malicious infrastructure.
  • Develop analytics, signatures, or rules based on both content and metadata of files.
  • Take a unique look at malware and other threats from a holistic perspective, with the goal of detection and mitigation.
  • Quickly triage files, scripts, and other malicious code to extract network artifacts.
  • Evaluate and utilize threat intelligence to make actionable decisions (open source, paid source, internal telemetry).
  • Develop and maintain scripts to interact with internal tooling, query API endpoints, manipulate data, and automate tasks.
Skills & experience
  • The ability to categorize, triage, and analyse network traffic, with demonstrated experience using Wireshark and other systems to isolate anomalous traffic.
  • Strong analytical and technical skills in Computer Network Operations, Computer Network Defence, and Computer Network Exploitation.
  • Working knowledge of network-to-application-level protocols (TCP, UDP, DNS, TLS, HTTP/S, SMB, etc.)
  • Experience utilizing a scripting language (preferably Python) to interact with APIs, pivot through and clean data, and parse files. Must also be able to read scripts in common scripting languages and understand their functionality.
  • Demonstrated working knowledge of Unix/Linux, macOS, and Windows systems.
  • Comfort using Atlassian Suite tooling (Confluence, Bitbucket and Jira) and functional equivalents.
  • Experience working with version control using Git.
  • Working knowledge of performing queries using Lucene or KQL in Elasticsearch/Kibana.
Benefits
  • Flexible hybrid working environment (a blend of office and WFH)
  • Corporate discounts on a huge variety of retail stores through our partners
  • Ability to deepen your experience and skills in line with CyberCX's specialisation as Australia's leading cyber security provider.
  • Opportunities to engage directly with and support senior leadership on significant work and contribute to thought leadership.
Please note, due to the nature of this role, it is a mandatory requirement that all applicants are United States citizens. Only Canberra based applicants will be considered for this role (flexible hybrid working environment; a blend of office and WFH - not remote). Assistance with relocation within Australia will be considered.

Job Overview

  • Published On: 2023-11-12
  • Job Type: Full time
  • Experience: No restriction
  • Qualifications: No restriction
  • Job Location: Canberra ACT
  • Gender: No restriction
  • Salary Type: No restriction
  • Salary: Negotiable
