Experience Inc. Jobs

Business Summary

VMware Carbon Black, the leader in advanced threat protection, is seeking a Threat Researcher to join its Threat Analysis Unit (TAU). Our mission is to stop breaches. The Applied Threat Research team within TAU helps to protect or improve a customer’s defensive or threat hunting abilities. This position targets individuals with a customer-focused passion for researching impactful and relevant cyber threats and applying that research directly to benefit VMWare Carbon Black customers. This role will research, reproduce and analyze attacks in order to create the behavioral detection and prevention rules in our growing technology stack. Candidates should have a detection engineering mindset, understand adversarial tactics and techniques that threat actors use to advance their modes of interest, be capable of mapping those tactics and techniques against industry frameworks such as MITRE ATT&CK, and ideally have worked with threat detection solutions directly. Threat Researchers at Carbon Black are additionally responsible for leading, conducting, and presenting threat research from the Threat Analysis Unit (TAU).

Job Role and Responsibility

• Perform security research based on security events and coordinate results with other teams

• Analyze malware and replicate modern threat tactics to trace behavior

• Create custom rules for dissemination into the Carbon Black product suite

• Research anomalies to uncover threat actor groups, malware, vulnerabilities, tools/techniques

• Work closely with internal and external customers for product and service improvements

• Support ongoing projects by assisting in the implementation, research, testing and documentation of security related projects

• Handle customer escalations to tune False-Positives and address False-Negatives

• Maintain knowledge of emerging security technologies and threat developments

Required Qualifications

• Customer-centric passion

• Understanding of the threat landscape and latest attack techniques

• Aptitude to break down and articulate threats into efficient detections

• Knowledge of artifacts and OS behavior in Windows, Linux, and/or macOS

• Strong written and verbal communication skills to present technical risks and issues to non-technical audiences

Preferred Qualifications

• Detection engineering experience

• Basic experience with a number of the following is preferred: Python, PowerShell, Go, C#, other commandline scripting or similar

• Previous Incident Response or Penetration Testing experience

• Experience with Endpoint Security products (EDR, XDR, etc)

• Certifications such as CISSP, SANS GIAC Certifications (GCIH, GPEN, GSEC, etc.), OSCP/OSCE

This job may require the candidate to travel and/or work from a facility that requires full vaccination prior to entry.

Category : Engineering and Technology

Subcategory: Software Engineering

Experience: Manager and Professional

Full Time/ Part Time: Full Time

Posted Date: 2022-05-11

VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at http://careers.vmware.com.

Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.