The Security Researcher will be responsible for researching emerging cybersecurity technologies and threats, evaluating security solutions and contributing to research publications, developing new approaches to threat management, identifying new methods for improving awareness and countering new threats. This includes extensive use of tools and using/enriching the lab, building new and improved detection rules, writing normalizers, creating analytics and contributing to the Logpoint security research blogs. Key elements to the role will be a security mindset to think out of the box and stay up to date with current security vulnerabilities, attacks, and countermeasures.; and learning enthusiasm along with behaviors that demonstrate a clear commitment to Logpoint values, mission and vision.

Roles and responsibilities:

• Responsible for defining, creating, and maintaining logic to efficiently parse logs from various log sources.
• Write queries and rules to detect various use case scenarios.
• Create and maintain correlation rules, dashboards, and reports.
• Vulnerability assessment and reporting.
• Conduct and analyze security vulnerability scans of devices and applications to identify weaknesses.
• Identify and document remediation processes.
• Monitor security data and proprietary information; identify and monitor trends.
• Write queries, perform ad hoc data analysis, and create data visualizations for different security devices.
• Build and maintain dashboards and other data visualizations of complex data sets and calculations.
• Collaborate with the security team to constantly improve analytic standards, workflows, and success metrics and develop/improve analytic products as appropriate.
• Create technical documentation around the content deployed to the SIEM Knowledge of Networking protocols and technologies, e.g. TCP/IP, firewalls, routers, etc.
• Identify and analyze risks in desktop, server, application, database, and networks.
• Research, and analyze a wide variety of commodity and APT-based malware and techniques
• Monitor security data and proprietary information; identify and monitor trends
• Write queries, perform ad hoc data analysis, and create data visualizations for different security devices.
• Build and maintain dashboards and other data visualizations of complex data sets and calculations
• Collaborate with the security team to constantly improve analytic standards, workflows, and success metrics and develop/improve analytics as appropriate
• Create technical documentation around the content deployed to the SIEM.

We expect you to be:

• Experienced professional and mission motivated
• A critical thinker and an excellent communicator
• Collaborative
• Ethical and truthful
• Responsible for the deliverables and a strong sense of ownership
• Industrious, creative and confidential

Knowledge, Skills and Abilities:

• Bachelor’s degree in Computer Science or related field.
• 2+ years’ experience in IT preferred.
• Experience using SEIM, firewall, IDS/IPS, proxy, DLP, and/or virtualization tools in support of detection, response, mitigation, and/or reporting of cyber threats affecting systems and networks
• Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures.
• Experience with Vulnerability scanners like Nessus, MVM, Qualys, etc.
• Strong knowledge of program/scripting languages such as; Python, C, C++, JSON, PowerShell, Bash, etc
• Experience in Microsoft Windows and Linux/Unix OS
• Experience in cyber security intrusion detection/analysis/response and creating new rules and filters to support these actions
• Experience in creating log correlations in a SIEM to identify anomalous, potentially malicious behavior
• Familiar with the following tool stacks (but not limited to);
• Programming / Scripting – Python, Java, Bash, PowerShell
• System Administration - Linux, Windows
• Virtualization / Container – Hyper-V, VMware, Docker
• Cloud services: Amazon Web Services, Azure, VMware
• Testing Tools: Metasploit, Nmap, OWASP ZAP, OpenVAS, Nexpose, Lynis, Wireshark Guides: OWASP Top 10, CIS, BSIMM, NIST, PCI DSS, etc.
• CVE, STIX/TAXII...

Benefits:

• Competitive compensation
• Social Security Fund (SSF)
• Medical Insurance for you and your family 
• Term Life Insurance 
• Festive allowance
• Attractive leave benefits, including maternity, paternity, and bereavement leave
• Work-from-home facility
• Company-provided meals
• Support for training and certifications
• Five-day work week
• Mandatory vacation
• Gymnasium/fitness facilities
• Well-being programs
• International work environment
• Commitment to diversity, equal opportunity, and non-discrimination
• Opportunities for career growth
• Recognition and rewards program

Logpoint is growing rapidly, we offer a challenging and exciting international work environment on the cutting edge of cybersecurity technology. We strive to deliver outstanding results in a positive, collaborative, and informal atmosphere with ample opportunity for personal growth and development.