
SANS ISC: InfoSec Jobs - Principal Security Researcher, Singapore (GREM, GCFA, GPEN or similar)


This listing has expired and therefore is not publicly viewable.

Principal Security Researcher
Company Countercept, MWR Infosecurity
Location Singapore
Preferred GIAC Certifications GREM, GCFA, GPEN or similar
Travel 10%
Salary Competitive
Contact Name Kia Meng TEO
Contact Email kia.meng-teo/at/
Expires 2018-05-09

Job Description

About Countercept...

Countercept is a complete managed service for detecting and responding to advanced persistent threats (APTs) and cyber-attacks, delivered from our operations centre, which monitors our clients' assets in real time, 24/7. Traditional approaches to malware prevention and protection against being hacked, such as anti-virus scanning, are no longer effective, so we have built a business around staying at the forefront of the cyber arms race. We have an exceptional track record of picking up everything from script kiddies to nation-state attackers.

One of the coolest things about being part of Countercept is working with true leaders in the field of cyber security. We are pioneering 'threat hunting' within the industry, a new approach that is fundamentally the only way to be truly effective at stopping hackers in the modern world. While we embrace buzzwords like machine learning and use these techniques as part of our solution, our competitors' complete reliance on such approaches only serves to prove that they do not truly get it. As a company we regularly perform red-team (attack) exercises against companies using such defences, and it is shocking how ineffective they can be.

Key Responsibilities

As a Security Researcher in Countercept's Security Research Team, your primary goals are to:

*Drive the capability of the Countercept service (both the team and product capabilities) by conducting novel research and identifying techniques to enhance detection and response
*Promote Countercept’s capability across MWR and in the public domain with a focus on raising the awareness and credibility of: Countercept, the blue-team side of the industry, and hunt teams in general

In order to achieve these goals your role will likely involve activities such as the following:
*Initiate and conduct regular research projects, which may include:
--Identifying current and future attack techniques to ‘generate hypotheses’ for hunting and drive product innovation
--Identifying novel techniques to contain a live attack in action
--Conducting offensive activities to bypass the Countercept infrastructure and the appropriate mitigations to enhance the service
--Performing ‘reactive research’ based on public incidents (e.g. ShadowBrokers)
*Present regularly at external security conferences and MWR events (The MWR Briefing, MWRICon)
*Publish articles, whitepapers and blogs on the Countercept website
*Raise your own personal profile as a researcher within the industry, with the support from MWR’s existing reputation and market presence
*Network with other security professionals within the industry to increase awareness of Countercept’s capabilities and where possible, attend and organize industry meetups
*Collaborate with MWR's Security Researchers (MWR Labs) to raise our own profile across MWR and perform joint research where applicable

Who we think will be a great fit...

*Detailed knowledge of offensive techniques used across the entire cyber kill chain
*Strong understanding of the inner workings of common networking protocols, such as TCP/IP, DNS, HTTP and SSL
*x86/x64 Reverse Engineering techniques
*Good coding skills in multiple languages for development of proof-of-concept offensive and defensive prototypes, e.g. C/C++, C#, PowerShell, Python
*Strong working knowledge of key operating systems, such as Microsoft Windows and Linux, as well as experience using the Win32 API
*Experience using machine learning techniques to solve real-world problems
*Familiarity with common techniques used by malware and attack frameworks to obfuscate themselves and otherwise avoid detection
*Experience using threat hunting techniques to detect targeted attacks