Research & Efficacy Analyst
Calgary, CANADA IT development
Job description
Who You'll Work With
The Research & Efficacy Team is composed of highly skilled individuals who are comfortable working in a fast-paced and technically challenging environment. The AMP Research and Efficacy Team is tasked with improving the detection and alerting capabilities of the AMP for Endpoints and Threat Grid product lines. Part of this work includes researching malware, attack and exploitation methods in order to generate indicators and signatures for alerting within both products.
What You'll Do
- Interface directly with the Tier 3 support team to resolve issues with detection and other support cases.
- Triage and aid in the remediation of False Positive and False Negative triggers covering the AMP architecture.
- Identify root cause of false positive detection and false negatives in product, and suggest/implement remediation.
- Analyze network traffic and binaries to identify malicious behavior and characteristics
- Suggest product improvements and enhancements through daily activities
- Identify and report prevalent malicious techniques.
- Conduct research into tools and tactics used by malicious authors.
- Identify behavioral activity in recorded execution of software
- Identify benign or normal activity in recorded execution of software
Who You Are
Minimum Qualifications
- Knowledge of operating system internals including Windows, Linux and Mac OS.
- Prior knowledge or experience with Malware detection or remediation
- Ability to read and comprehend packet captures
- Ability and prior experience in writing and validating threat signatures
- Ability to write and validate parsers for a variety of file formats.
- Scripting or programming experience
- Excellent communication skills
- Ability to articulate technical issues
Preferable Qualifications
- Reverse Engineering and experience with IDA Pro, WinDbg, OllyDbg
- Data Mining and interpretation skills
- Experience in and knowledge of Clojure
- Background or knowledge of Quality Assurance
Why Cisco
The Internet of Everything is a phenomenon driving new opportunities for Cisco and it is transforming our customers' businesses worldwide. Today, we are building teams that are expanding our technology solutions in the mobile, cloud, security, IT, and big data spaces, including software and consulting services. As Cisco delivers the network that powers the Internet, we are connecting the unconnected. Imagine creating unprecedented disruption. Your revolutionary ideas will influence everything from retail, healthcare, and entertainment, to public and private sectors, and far beyond. Collaborate with like-minded innovators in a fun and flexible culture that has earned Cisco global recognition as a Great Place To Work. With roughly 10 billion connected things in the world now and over 50 billion estimated in the future, your career has exponential possibilities at Cisco.
We are an equal opportunity employer and value diversity at our company. (Cisco was the title sponsor at Chic Geek's Geeky Summit in 2017/2018.) We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.