Threat Analyst
5 days ago
It's fun to work in a company where people truly BELIEVE in what they're doing
We're committed to bringing passion and customer focus to the business.
The Role
Your day to day
- Member of a creative, enthusiastic, and geographically-distributed team (in a 24/7/365 "follow the sun" model) that is responsible for identifying, parameterizing, and responding quickly to spam attacks levied against some of the world's largest organizations.
- Provide written responses and explanations to customers who request assistance through our ticketing system.
- Perform deep analyses of spam message headers & structures to identify novel spam features, and design regular-expression (regex) based rules to detect those features.
- Participate in attack post-mortems to improve the team’s response to threats.
- Provide responses and explanations to customers in a positive, professional manner.
- Analyze misclassified messages (spam and legitimate) and make updates to spam definitions to correct their classifications.
- Ad-hoc development of tools as necessary to aid/streamline analysis activities.
- Help us define the landscape, prevalence, and evolution of messaging abuse, threats, and attacks by participating in future requirements definition discussions of our products.
What you bring to the team
- Minimum 2 years' experience with Python and Jupyter Notebooks.
- Threat analysis expertise (desired: malware, phish, spam).
- Knowledge of different types of threat actors, attack vectors, tools, tactics, and technical data. PRE-ATT&CK tactics and techniques know-how is desired as well.
- Familiarity with Unix environments and comfort with a range of Unix command line tools for manipulating and extracting content from text files.
- Strong written and verbal communication skills, including the ability to convey highly technical information in an accessible manner.
- Experience with Perl, especially advanced regular expressions and Unix command line invocations.
- General familiarity with how mail delivery works, including SMTP.
- Willingness to play an important technical role that does NOT primarily involve development; Python coding skills are desirable, but not a must.
- Good understanding of existing techniques for social engineering/419 spam, as well as BEC as a sub-category thereof.
- Ability to create signature rules based on observed suspicious patterns.
- 3-4 or more years of experience in the field.
- Demonstrated analytical and creative problem-solving abilities.
- Willingness to interact with customers (web and occasionally phone-based support) to help resolve their issues.
- Ability to work independently yet fully integrate with worldwide, remote teams.
- Can-do attitude with a focus on problem solving, product quality, and a strong desire to get the job done.
- Requirements/Education and/or Equivalent Experience (including technical and non-technical capabilities)
- BSCS or equivalent, or equivalent technical experience.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us.