Security Software Engineer

Expiring today

Location
Cheltenham, Gloucestershire
Salary
Competitive salary + benefits
Posted
27 Jul 2017
Closes
24 Aug 2017
Contract Type
Permanent
Hours
Full Time

Do you consider yourself an expert on malware, APT and intrusion detection? We’re looking for an innovative security developer who can apply their in-depth knowledge of OS internals, networks & protocols to identify intrusions in large and complex networks – and track the actors behind them – though large scale data analysis. We build detections that run against data collected from Microsoft’s internal networks; our detections also form part of the Azure Security Center detection arsenal, serving to protect customers who use the Microsoft cloud.

Did you know that many customer VMs running in Azure are Linux-based? We are therefore particularly interested in candidates with experience of incident response or post-compromise attacker activity in *nix environments. You will figure out what data and metadata is the most important to collect at scale in order to detect, reconstruct and visualize an attacker’s activity when a Linux VM is compromised, develop the techniques and tools to detect new intrusions and extract unique threat intelligence from that data. 

You will need to be creative in generating and prototyping new ways to detect malware and track adversaries, and at the same time be focussed on turning these ideas into a production system that can operate at scale.

Key skills required

  • +3 years of experience with malware and expert knowledge in the malware analysis domain – including in-depth understanding of techniques used by malware in targeted adversary campaigns.
  • +3 years of experience in generating new ideas for malware detection and seeing these through to implementation in a production system.
  • +3 years of experience working with network data, event data, or other large datasets.
  • +3 years of experience delivering production-quality solutions in C/C++ and/or C#.

Optional bonus skills:

  • Network penetration testing and intrusion remediation experience especially in *nix environments.
  • OS internals – especially in the areas of event management and networking.
  • Data mining
  • Reverse-engineering & binary analysis.