Splunk

posted about 1 month ago

Full-time - Mid Level
Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

About the position

The Security Threat Researcher at Splunk will focus on developing phishing detection technologies within a microservice-based threat analysis pipeline. This role is crucial for enhancing the security of customers by creating effective detection logic and staying updated on the evolving phishing landscape.

Responsibilities

  • Stay informed about the current phishing landscape and develop effective detections to protect our customers.
  • Review a large number of potential phishing websites daily to determine if new detections need to be created, or existing detections need tuning.
  • Collaborate with developers to identify and resolve issues and missing features, and to enhance phishing-related detection capabilities.
  • Investigate and respond to detection-related issues reported by customers.

Requirements

  • Minimum 2 years of experience as a detection engineer, security researcher, or threat analyst.
  • Bachelor's degree in Computer Science or a related quantitative field (equivalent education/experience considered).
  • Deep understanding of the modern phishing landscape, including threat actors, phishing kits, AITM/Reverse Proxy frameworks, and related techniques.
  • Proficiency in writing phishing detections using various technologies (e.g., Regex, ClamAV, Suricata).
  • Expertise in creating complex regular expressions for detection.
  • Familiarity with typical phishing kit structures.
  • In-depth knowledge of HTML, JavaScript, and the HTTP protocol.
  • Proficiency in JSON.
  • Excellent verbal and written communication skills.

Nice-to-haves

  • Knowledge of common network protocols (FTP, SMTP).
  • Proficiency in Python or Go.
  • Familiarity with the MITRE ATT&CK Framework and other relevant attacker tactics, techniques, and procedures (TTPs).