Application window is expected to close by 11/17/2024Who we are:The Talos Network Threat Detection and Response Team creates network and endpoint signatures thatare distributed world-wide to multiple products in Cisco's security portfolio and the open-source community.Who you Are:In this position you will create detection content for vulnerabilities in a variety ofCisco and non-Cisco products. Understanding these vulnerabilities may come fromreviewing technical reports, reading code diffs, or developing proofs-of-concept basedon varying degrees of background information. Once released, these protectionsdirectly impacts the security of people and organizations around the globe. With time andexperience you will develop subject matter expertise in some of the technologies wework with, act as a technical representative for NTDR at meetings with other departmentsand conduct long-term advanced research and development that can be used toimprove Cisco's products.If you're a tenacious learner, have an excruciating interest in detail, and want to developYour technical leadership skills in information security, this may be the right role for you.What you ‘ll do:Role & Responsibilities:Research security threats, attacker techniques and tools, 0-day vulnerabilities and other in-depth research on novel threatsWrite in-depth technical advisories about threats and signaturesAnalyze malware samples and vulnerable binaries using static/dynamic analysis debuggers to Build advanced signatures and detection content for Snort, ClamAV, AMP, and other Cisco productsCreate testbed environments to research and run exploitsDevelop tooling that forwards the mission of the teamParticipate in advanced research projectsMinimum Qualifications:3+ years professional and/or educational experience with analyzing, identifying, and exploiting a wide variety of vulnerability types, such as buffer overflows, integer overflows, cross-site and server-side request forgery attacks, insecure deserializations, and/or authentication bypasses3+ years professional and/or educational experience using packet analysis tools like Wireshark to analyze network or transport, and application layer protocols, such as IP, TCP, LDAP, TLS, RDP or SMB3+ years professional and/or educational experience with a compiled language (e.g. C, C++, Rust, Go) and/or a scripting language (e.g. Python, Ruby, Perl)Preferred Qualifications:Expertise with the structure of common file formats, such as PDF, MS Office, EXE, ELF and an ability to identify anomalies using popular file-analysis tools such as 010 EditorExpert knowledge of operating system internals and familiarity with concepts such as: application memory layout, C runtime or OS-related functions, kernel vs user space functionalityExpertise with reverse engineering, malware analysis, and relevant tools (e.g.IDA Pro, Binary Ninja, Ghidra, radare2, x64dbg, WinDbg, OllyDbg), as well as analyzing assembly code and identifying code patterns in disassembled binaries5+ years of related industry experience in roles like: incident response, intrusion detection, forensic analysis, pentesting or red teaming, or vulnerability developmentExperience with detection content engineering such as Snort rules languageMaster's degree or equivalent experience Computer Science, Cyber Security, or other tech-related degreeWhy Cisco Secure:We're global, we're adaptable, we're diverse, and our security portfolio is as extensive as it is groundbreaking. Have you heard of Threat, Detection & Response, Zero Trust by Duo, Common Services Engineering, or Cloud & Network Security? Those are only a few of our product teams! The only thing we're missing is YOU.Join an enterprise security leader with a start-up culture, committed to driving innovation and giving you the opportunity to make an impact. We #InnovateToWin and we know we're better together, that's why we're dedicated to inclusivity, collaboration, and diversity in everything we do.We're proud to be the Best Small and Mid-Size Enterprises Security Solution Cisco Secure continues to grow and evolve year after year with 100% of Fortune 100 Companies using our products, and we're excited to see the new heights we'll reach with your passion for security, your customer focus, and your desire to change things up!There are so many amazing reasons to join Cisco. Learn more (1) here!ReferencesVisible links is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.