Security Researcher - Vehere

Job Description

This role is aimed to build and develop an understanding of a variety of threats and build systems to create defence mechanism against them. This may also include understanding how well we do, given a body of samples under a variety of configuration settings. This role will create the rules, content-packs and hunting triggers for Vehere s next generation security product. This involves tracking capabilities of new and existing public cloud services and understanding how adversaries may exploit these resources to advance their modes of interest. The role also involves mapping industry-standard compliance standards onto public cloud infrastructure, to provide customers insight into cloud hygiene and compliance. This person will be required to gather the data, analyse the data using machine learning or otherwise, identify its criticality, build models with the help of SMEs and automate simple tasks. They will also be responsible for troubleshooting issues with current data and making enhancements. Adhere to high quality work standards Responsible for maintaining Confidentiality, Integrity and Availability of Vehere s information assets including business critical information. Skills and Experience: Minimum 12-15 years of researching threats and adversaries at least in one of the public cloud services (AWS, Azure or GCP). Tracking and researching release of new cloud resource types and services, with a focus on security risk and attack surface expansion. Research mind-set, with a hold on where to look for relevant information pertaining to cloud threats, vulnerabilities and key adversaries modes of interest. Coordinating with Security SMEs to build hunting rules and triggers, which focus on adversary activity within the cloud control plane. Handle Customer escalations, to identify False-Positive False-Negative Data discovery and validation (Data efficacy Accuracy) Good understanding of public cloud resource and control plane threats and vulnerabilities. Experience of running cloud security research projects Programming/scripting knowledge for automating day to day tasks Python, Scala and linux shell. Ability to communicate, collaborate with engineers and security researchers Familiarity with common security compliance standard Similar open positions Manage consent