Senior Security Researcher at SpyCloud
SpyCloud is the leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts either directly or through product integrations. Our award-winning solutions proactively defeat fraud attempts and disrupt the criminals' ability to profit from stolen information.
SpyCloud is looking for a self-driven security researcher to come on board and own major portions of our research initiatives that drive our tailored intelligence collection. You will work closely with teams across the organization to build applications and processes that enable data collection at scale. You’ll act as a subject matter expert on all things across the research organization.
- Proficiency in building microservice based data sources to support data collection.
- Advising and consulting on the state and capabilities of technically advanced criminal communities.
- Ability to demonstrate threat-modeling aptitude, as well as developing Operational Security processes to remediate operational risks.
- Ability to solve problems with common industry cloud solutions and tools.
- Demonstrated aptitude in task automation.
- Work closely with teams within the research organization to develop and support internal services that will power the research group.
- Fundamental knowledge of network and web related protocols (e.g., TCP/IP, UDP, HTTP, HTTPS, REST)
- Diverse range of security experience at the enterprise level (information, application, network, research)
- Strong understanding of common web application attacks (OWASP TOP 10)
- Strong Linux fundamentals and ability to analyze data with security tool sets.
- Familiarity with the fundamentals of a robust security program.
- Fluency in common web technologies and engineering workflows.
- Familiarity with modern data science practices.
- In-depth knowledge of the “underground” scene and the motivations of threat actors.
- Strong understanding of the diverse range of cloud services and their implementation.
- Ability to automate AWS infrastructure in conjunction with research workflows.