Threat Hunter

Bangalore
Threat Research
Full-time
Awake’s mission is to protect companies from advanced cyber-attacks and to help their security teams operate with super-human efficiency. Our approach is simply different from what is available today, and we aim to create a world-class, diverse and enduring capability to help protect the information assets that enrich our world.

The Awake Threat Research group is a collection of talented security professionals with best-in-class industry experience who thrive on providing new insights for our customers and the community at large. Leveraging the Awake platform and the support of our engineering colleagues, we create novel ways to expose the most significant threats before their existence is known elsewhere. Our team of extremely talented and friendly individuals is looking for new members who are passionate, motivated, and, most of all, enjoy working closely with customers to ensure their success.

Responsibilities

    • Conduct threat hunting and investigations using Awake’s network traffic analysis platform
    • Investigate, document, and report on information security issues and emerging trends
    • Coordinate with other internal Awake teams on activities impacting a diverse customer base
    • Analyze network logs and PCAP captures, triage malware, and perform other related investigation activities in support of Incident Response investigations
    • Develop tools to automate the analysis of forensic artifacts
    • Evolve existing Threat Hunting methodologies to enhance and improve our practice
    • Provide training, present to small groups, write blog posts, and speak at conferences such as Black Hat and BSides
    • Write executive and technical reports for client engagements

Requirements

    • 3 or more years of Managed SOC experience using network traffic or monitoring technology
    • The curiosity to dive into a PCAP, look at the raw hex, and consult the protocol RFC/specification document(s) to better understand what you are seeing
    • Ability to parse and read PCAP data using Wireshark or other tools, as well as being able to read text-based network logs to identify malicious activity
    • Ability to write blog posts, conduct research, and convert threat intelligence into detection models
    • Understanding of a wide range of network protocols and how they function at their lowest levels
    • Proficient with network-based hunting and analysis
    • Ability to write scripts in Python, Go, and/or PowerShell
    • Ability to prioritize and complete multiple tasks with little to no supervision
    • Ability to work independently or as part of a collaborative cross-team effort
    • Comfortable presenting your findings to both technical and non-technical audiences

Other Desired Qualifications

    • Excellent customer-facing skills
    • Ability to perform tabletop incident response exercises
    • Strong understanding of network security concepts
    • Advanced Python, Go, C#/.NET, or PowerShell knowledge
    • Comfortable consuming and/or writing APIs
    • Reverse engineering experience
    • Red team experience

Perks and Benefits

    • Competitive salary, quarterly bonus opportunities, and company equity
    • Talented and friendly teammates
    • Comprehensive medical, dental and vision
    • Flexible work hours and unlimited vacation
    • Opportunities to contribute to Open Source projects