Location: Remote in the U.S. or Canada

Zscaler is looking for a highly technical staff security researcher with significant experience in threat detection engineering. This position needs to have a deep understanding of emerging threats, security technologies, a knack for problem-solving, and a creative approach to create innovative threat detection solutions. Analyze zscaler product telemetry and hunt for threats at scale through in-depth log analysis and malware behavior. The results will be used to develop innovative tools to automate further threat hunting, produce technical threat analytics reports, and publish research blogs.

• Collaborate with threat-hunting operations and drive product innovation in threat detection.
• Drive positive threat hunting service outcomes through cross-functional collaboration with other functional teams, across threat hunting, data engineering etc.
• Perform threat modeling, design and build effective threat detection rules and models to help shorten the mean time to respond.
• Responsible for analyzing advanced threats & TTPs and creating effective detections allowing threat hunters to successfully find the needle from the haystack.
• Responsible for the development and design of signals which can automatically highlight emerging threats.
• Analyze malware and threat attacks for patterns and develop automated solutions for analysis, classification, and categorization of data for further automation.
• Create innovative security solutions and strategies to support threat alerting pipeline allowing Threat Hunters to quickly identify and remediate potential security threats.
• Work with global threat intelligence collectors to identify, contextualize, and instrument current and emerging cyber threats.
• Actively participate in the cyber security community, establishing relationships and knowledge sharing.
• Develop security-focused tools and services in support of intelligence, detection, and response.

• Required 8+ years hands-on threat detection, threat research and threat hunting experience
• Strong understanding of tools, tactics and procedures (TTPs) of threats actors (eCrime/APT)
• Experience in incident analysis and response using industry standard frameworks such as MITRE ATT&CK and the cyber kill chain
• Experienced in security information and event management tools, such as Splunk, Elasticsearch.
• Experience with malware analysis - dynamic & static
• Must be able to validate findings, perform root cause analysis, and deliver recommendations for fixes.
• Strong scripting and automation skills are must (Python preferable)
• Must have excellent reporting and analytical skills.
• Strong understanding of web protocols and web application security
• Experience writing IDS/IPS, YARA signatures

• TTP based threat hunting
• In-depth log analysis and malware tracking and monitoring
• Data mining experience with large security data sets such as IDS, IPS and firewall logs.
• Strong development background with experience in Python and Familiarity with SQL

• Bachelor's or graduate degree from four-year college or university (preferably in Computer Science, Engineering, or a related discipline), or equivalent security industry work experience.

#LI-remote

#LI-AM12