Security Researcher

Tripwire

(Alpharetta, Georgia)
Full Time
Job Posting Details
About Tripwire

Tripwire is a leading provider of endpoint detection and response, security, compliance and IT operation solutions for enterprises, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations.

Summary

Our Research Engineers come from a variety of backgrounds, including programming, network and systems administration, technology research and software QA. The only common denominator is an overwhelming passion for solving difficult (and sometimes impossible) problems, a team-focused, result-oriented attitude and a desire to work hard with an energetic group of exceptionally talented teammates. The primary focus of this role is to stay on top of the "vulnerability landscape" and be up-to-date on current attacks or potential attacks. The Security Engineer is responsible for reviewing, isolating, analyzing and then reverse-engineering vulnerable programs or malicious code in order to determine and understand the specific nature of the threat.

Responsibilities
  • Actively participate in the industry’s most respected security research team.
  • Research newly disclosed software vulnerabilities and develop detection algorithms.
  • Deploy and configure a wide range of operating systems, databases, and applications for research purposes.
  • Expand Tripwire’s products to detect new vulnerabilities and security weaknesses.
  • Keep abreast of new developments in information security, analyze the threat environment, and turn this knowledge into action that protects our clients.
  • [OPTIONAL] Contribute to our VERT blog, publish research findings, present at security conferences, and participate in the standards bodies that guide global security.
Ideal Candidate

Knowledge, Skills & Abilities Required

  • 2+ years education and/or experience in a Computer Security or IT related field
  • In-depth experience with computer and network security standards
  • Intimate knowledge of computer operating systems. In particular, significant understanding of one or more of the following families:
    • Solaris, Linux, AIX, HP-UX, BSD, and other Unix-based systems.
    • Windows family of operating systems, especially Vista/2008/7/2008R2/8/2012/10.
  • Strong understanding of TCP/IP, UDP, ICMP and other Internet protocols.
  • Ability to understand network protocol representations as they appear “on the wire”.
  • Demonstrated knowledge of vulnerabilities and the exploits that target them.
  • Demonstrated attention to detail, curiosity, and persistence are your key character traits
  • Proven ability to excel in both self-directed and team-oriented tasks in a fast-paced, exciting environment.
  • Demonstrated interest in information security
  • Ability to rapidly learn new protocols, programming languages, and architectures, and to apply that knowledge to the analysis of network traffic, exploit code, and system configurations.
  • Strong understanding of analysis methodologies and research techniques.

Preferred skills

  • Experience with web application and/or database security concepts and practices.
  • Knowledge of intrusion detection filters, signature definitions, and vulnerability description standards such as XCCDF, OVAL, CVE, CPE, and CCE.
  • Experience with virtualization technologies.
  • Understanding of operating system fingerprinting techniques.
  • Strong experience with networking concepts such as: routing protocols, switching standards, firewall rules, network address translation (NAT), CIDR, BPF and other packet filtering technologies.
  • Professional experience with a deep knowledge of programming languages such as: Python, C/C++, shell scripting, SQL, JavaScript and/or PHP.
  • Experience with tools such as IDA Pro, BinDiff, Wireshark, nmap, commercial scanning technologies, etc.

Skills Desired
  • C++
  • Information Technology
  • JavaScript
  • Linux
  • Operating System
  • PHP
  • Programming
  • Python
  • SQL
  • Systems Administration
  • Unix
  • Web Applications
  • Writing Shell Scripts
  • AIX
  • Firewall
  • HP-UX
  • Solaris Administration
  • TCP/IP
  • Windows Vista
  • Wireshark
  • Information Security
  • User Datagram Protocol
  • Network Mapper
  • Berkeley Software Distribution
  • Programming Language
  • C Programming Language
  • Routing Protocol
  • Virtualization Technology
  • Malicious Code
  • Network Protocol
  • Network and Computer Security
  • Internet Protocol (IP)
  • Network Address Translation (NAT)
  • Internet Control Message Protocol (ICMP)
  • Database Security
  • Software quality assurance
  • System Configuration
  • Network Traffic Analysis
  • IDA Pro
  • Intrusion Detection Filters
  • Signature Definitions
  • XCCDF
  • OVAL
  • CVE
  • CPE
  • CCE
  • Switching Standards
  • Classless Inter-Domain Routing (CIDR)
  • BPF
  • BinDiff
  • Commercial Scanning Technologies
