Cloud Security Researcher
Coralogix
Cloud Security Researcher
- Snowbit
- Gurgaon, India
- Full-time
Description
About The Position
Snowbit is a cybersecurity technology innovator with a vision to empower organizations across the globe to quickly, efficiently, and cost-effectively ready themselves to address omnipresent cyber risk. Towards this end, Snowbit, built off years of Israeli cybersecurity experience, offers the broadest managed detection and response offering available today.
Snowbit is part of the Coralogix group. Coralogix is rebuilding the path to log observability by offloading the burden of indexing and providing deep insights to accumulated data, at an infinite scale, for less than half the cost.
We are looking for accomplished, passionate, and self-driven Security Researchers with a zeal for revolutionizing the enterprise cybersecurity domain to come and join the Snowbit Security Research Group.
This is a team of experts with vast cybersecurity experience focused on research on cloud and enterprise systems to identify emerging threat trends/vectors as well as gaps and opportunities within existing enterprise cybersecurity frameworks.
These insights will play a key role in evolving the Snowbit offering and maintaining its global leadership position in the enterprise-managed detection and response domain.
Joining this team provides a unique opportunity to both benefit from the best of Israeli cybersecurity talent and influence the direction of a new world-class offering in the cybersecurity domain.
What Will you do?
- Research emerging technologies, threats, vulnerabilities in SaaS and enterprise products and create actionable alerting scenarios.
- Investigate logs from security systems to detect intrusions or misconfigurations and create detections based on your findings.
- Write detection rules documentation with actionable recommendations for mitigations.
- Design, build, and maintain dashboards that provide real-time visibility into network threats, security incidents, and operational status.
- Publish your findings internally for customers and externally for blog / marketing needs.
- Work with our customers to investigate anomalies and incidents and create custom detections and next step recommendations.
Responsibilities will include
- ·On-going research on known and new attack vectors, including identification, with respect to novel attack vectors including their iteration/evolution and related mitigations across the enterprise IT landscape
- Collaborate with Product and Engineering to leverage research findings to evolve Snowbit product and knowledge base.
- Participate in security escalations support. Create security guidance and documentation.
- Evaluate & recommend new security technologies and help shape the product going forward with your insights and expertise.
- Regular updates to internal teams and customers on research findings.
- Active participation in public cybersecurity media/forums/events.
Requirements
Job Location: Gurgaon - Work from office.
Basic Requirements
- 3+ years of experience in security research in large, complex or security organizations
- Experience in Managing and securing enterprise IT environments with emphasis on cloud environments (AWS, Azure, GCP).
- Experience in securing cloud and SaaS environments and familiarity with cloud and SaaS attack vectors and misconfigurations.
- Experience in enterprise security, hands-on experience with attacking or defending enterprise systems.
- Experience in threat modeling (Attack kill chain, MITRE ATT&CK/D3FEND), identifying security vulnerabilities, common attacker exploit techniques, and related mitigations and remediations.
- Hands-on experience with query languages (Kibana/KQL/Lucene/PromQL, Splunk), working with JSON files and writing complex queries and rules.
- An innovative mind with keen attention to detail and the ability to set goals and parameters for success, investigate and implement solutions to catch threats according to defined goals.
Preferred Requirements
- ·Writing abilities (Former publications for blogs / comprehensive report writing).
- Deep knowledge of Cloud security principles
- Experience with Regex or additional query languages
- Knowledge in script writing, programming language (Python, JS etc)