Senior - Threat Research Engineer

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Qualys is looking for threat researchers who can leverage their experience and expertise to identify and analyze threats, produce original research publications, and work with engineering teams to provide a feedback and related insights into a multitude of Qualys products. You will be a member of the Qualys Threat Research Team, a team of threat researchers working together to solve security challenges in new and innovative methods. The team is responsible for leading and conducting research related to adversary attack tactics and techniques, threat actor groups and campaign activity. The primary output of the Threat Research Team is security content for Qualys products, blog posts, and conference presentations via researching the latest tactics, techniques, and procedures leveraged by adversaries. The Threat Research Team also works closely with the security, malware research, product, and engineering teams to develop novel protection strategies against emerging cybersecurity threats. Responsibilities: Analyze and research emerging security solutions Onboarding of new security platforms into an operational model from the Security Architecture team Create data models for event normalization. Research methods and technologies to detect cyber threats, identify signals, and design approaches to use these signals to identify security threats and security breaches. Develop tools to automate and scale detection and response activities Collaborate with other teams in developing and adding cross-product intelligence. Working closely with Security Incident Response, Purple, Threat Intel teams Building of Linux servers, dockers, containers, automation Experience: 5 years of experience Preferred Requirements: BS/BA degree in a relevant technical field, or equivalent experience. Understanding of security frameworks (MITRE ATT&CK, NIST CSF, etc.) Experience in developing, implementing, and/or maintaining SIEM technologies. Experience with Cloud Service Providers (Azure, AWS, GCP, or OCI). Extensive experience with both Windows and Linux Operating Systems. Experience with Python and various scripting languages is desired. Vast knowledge of content creation and industry standard alerting techniques. Well-versed in log ingestion methods and forwarder configurations. Experience in Cyber Security is highly desired. Familiarity with EPP/EDR/XDR technologies. Familiarity with ELK stack Experience with consuming Kafka messages Well-groomed, working knowledge of SIEM products. Knowledge of networking and the TCP/IP stack. Knowledge of programming or scripting languages. Knowledge of networking protocols and application file formats like PE, OLE files, and operating system internals ************************************** Annual Salary Guidelines: $120,000 - $180,000 Qualys is an Equal Opportunity Employer, please see our EEO policy https://www.qualys.com/company/privacy/ Join our talent community and receive the latest Qualys news, content, and be first in line for new job opportunities. Join our Talent Community! Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.

Salary : $120,000 - $180,000