Network Security Researcher (Early Career)

Responsibilities

  • As part of a project team, implement architectures to simulate and/or emulate portions of various network architectures in a lab-based environment for troubleshooting and root cause analysis of misconfigurations and anomalous behaviors.
  • Support analysis and result validation of the detection techniques and mitigations of anomalous behaviors.
  • Research techniques used by Advanced Persistent Threats (APT) that would enable movement through, Command and Control (C2) of, and data exfiltration on a targeted network.
  • Assist in determining which adversarial techniques network security controls and policies would block.
  • Support simulating remaining techniques in a lab and collect data to help develop detection approaches.
  • Research emerging trends in networking technology such as Software Defined Networking (SDN) and Network Function Virtualization (NFV).
  • Design and develop experiments to analyze the potential impacts these technologies would have on networks and document the results.
  • Assist in the development of APT detection approaches using rule-based and Machine Learning (ML) methodologies.
  • Provide informal technical briefings on testing or experimental results to team members.

Key Qualifications

  • Bachelor's degree in Computer Science or a related field and networking experience.
  • Hands-on experience designing and implementing networks with Cisco, Juniper, and Palo Alto equipment.
  • Familiarity with APT techniques.
  • Understanding of networking and security concepts (e.g., TCP/IP stack, routing, firewalls, intrusion detection systems, intrusion prevention systems).
  • Familiarity with IP networking concepts (e.g., Quality of Service) and virtual private networks.
  • Ability to capture and analyze large amounts of network traffic.
  • Ability to communicate technical concepts to teammates.
  • Ability to obtain and maintain a Top Secret security clearance.
  • Travel may be as frequent as two weeks every two months.

Preferred Qualifications

  • Experience with Linux, Microsoft Windows desktop and Server, as well as virtualization environments like VMware ESXi/vSphere.
  • Familiarity with data science techniques.
  • Hands-on experience with packet capture utilities like tcpdump and Wireshark, as well as Network Intrusion Detection Systems (NIDS) like Snort, Suricata, and Zeek.
  • Familiarity with Python 3.x and Python libraries for machine learning such as TensorFlow and Keras.
  • Familiarity with C11 and C++11 or later.
  • Experience with behavioral models, like MITRE's ATT&CK and Lockheed Martin's Cyber Kill Chain, that describe Advanced Persistent Threat (APT) tactics and techniques.