Senior Threat and Detection Software Engineer

Company: Insane Cyber

Location: San Antonio, TX 78228

Description:

At Insane Cyber, we're focused on advancing cybersecurity for the better. We've developed innovative tools backed by expert support to change how organizations perform deep-level proactive and reactive analysis. We partner with our customers to provide cutting-edge solutions and services to help protect our critical infrastructure and critical operations from threats, from the power grid to manufacturing.

Our flagship Valkyrie and Cygnet products provide host and network analysis automation beyond the capabilities of other products on the market. Our Corvus and Aesir product lines deliver managed and professional services to help assess and fill gaps and weaknesses in the security posture of clients' security programs.

It's an exciting time for us as we continue to grow our products and services, and we need a great team in place!

As we grow, we are seeking a Senior Threat and Detection Software Engineer to join our team. This role is crucial for the continued development and enhancement of our flagship products, Valkyrie and Cygnet. You will be a key player in our engineering team, bringing your expertise and innovative thinking to advance our technology and maintain our competitive edge in the market.

Responsibilities:
  • Contribute code into Valkyrie and Cygnet as part of an agile sprint process with a multidisciplinary engineering team.
  • Keep up with current and emerging threats and develop innovative ways to implement detection of threats in Valkyrie and Cygnet with both host and network data.
  • Work with customers to identify improvement areas for threat detection in critical infrastructure environments.
  • Apply working experience with protocol dissection and proprietary protocol analysis, preferably in the industrial space.
  • Contribute to the technical roadmap and product strategy discussions, providing insights and expertise.
  • Collaborate with engineering, professional services, external customers, and other internal and external groups to identify, architect, develop, and deliver capabilities to end users.

Qualifications:

The ideal candidate has a mix of the attributes below:
  • Minimum 7 years of experience in detection engineering or threat intel detection capability development, preferably in the cybersecurity industry on host and/or network detection products.
  • Bachelor's or Master's degree in Computer Science, Engineering, or a related field, or equivalent practical experience.
  • Proven experience building scalable cybersecurity platforms capable of handling batch and streaming host and network data.
  • Working knowledge of proprietary and open source threat detection engines and rulesets (Suricata, YARA, Sigma, ClamAV, etc.).
  • Working experience with host and network data analysis across packet capture files, host logs, registry, memory and/or disk artifacts.
  • Working knowledge of major nation-state and criminal-level threats and past experience building host and network detections to identify those threats.
  • Deep working knowledge of MITRE ATT&CK, D3FEND, or other threat modeling frameworks.
  • Ability to research and discover proprietary protocols and add support to Valkyrie and Cygnet capabilities.
  • Static and dynamic reverse engineering with SysInternals or other networking/host libraries is a major plus.
  • Systems reverse engineering (IDA Pro, Ghidra, Binary Ninja) and operating system internals knowledge across Windows and/or Linux.
  • Industrial cybersecurity and/or critical operations industry experience is preferred.
  • Strong proficiency in backend languages and frameworks, such as Python, JavaScript, C, Go, Rust, or similar technologies.
  • Ability to work collaboratively in a team environment and communicate effectively with both technical and non-technical team members.

Benefits:
  • Competitive Base Salary
  • Equity offering subject to board approval
  • Comprehensive medical/dental/vision/life insurance plan
  • Retirement plan with employer match
  • Flexible working hours and generous time-off policy


Insane Cyber is proud to be an equal-opportunity employer. We celebrate diversity and strive to foster an inclusive environment for all employees. If you're a visionary with a passion for pushing the boundaries of industrial cybersecurity, we'd love to hear from you.
