Security Content Researcher

Remote
Sorry, this job was removed at 6:52 a.m. (EST) on Tuesday, January 25, 2022

Devo, the cloud-native logging and security analytics company, empowers security and operations teams to maximize the value of all their data. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud. Headquartered in Cambridge, Mass., Devo is backed by Insight Partners, Georgian, and Bessemer Venture Partners. Learn more at www.devo.com.
The Security Content Researcher is often considered one of the most important roles within the Devo organization. Your mission is to ensure Devo and our customers are adequately protected from ongoing security threats.
RESPONSIBILITIES:
● Use and grow your deep security knowledge to dive deep into the latest security threats and published research.
● Help improve the Devo platform by designing new ways to detect potential threats and adversaries and guide the development of alerts and response for known security threats.
● Advise Devo and customer SOC teams with alert integration and usage and help formulate future requirements for additional alerts.
● Write and maintain custom scripts to increase system efficiency and lower the human intervention time on any tasks.
● Generate and deploy logs into Devo from various sources (e.g., Windows logs, *Nix logs, Firewall logs) as part of developing and evaluating the efficacy of new threat detection innovations.
● Harness your deep security knowledge to preemptively identify potential weaknesses in the Devo platform.
● Publish articles for circulation in the security community discussing newly discovered threats and how Devo can help protect against them.
● Collaborate remotely with global security research and content engineering team members.
● Evangelize security to our customers.
REQUIREMENTS:

  • Ability to communicate deep technical issues or concerns to a non-technical audience
  • Knowledge of the MITRE ATT&CK Framework and well-known threat groups' TTPs
  • Experience and technical administrative familiarity with multiple OS and cloud stacks
  • Familiarity with Jenkins or other CI/CD environments
  • Demonstrated experience with code management tooling such as Git, GitHub, GitLab
  • Knowledge and experience with workflow and collaboration tooling such as Atlassian Jira and Confluence
  • Understanding of virtual environments such as VMware
  • 2+ years of experience conducting penetration tests or blue-teaming against them
  • High degree of comfort automating workflows using Python, open source tools and APIs
  • Strong network security architecture knowledge: best practices, OSI model, protocols, architectures, etc.
  • Self-starter who is experienced working with team members in different time zones around the world
  • Strong and confident communicator (written and verbal English)


Desired:

  • Previous experience working with engineering teams.
  • Familiar with Machine Learning and analytics technologies (BigML, H2O…).
  • Passion and hands-on security experience is preferred, but industry-recognized security certifications (such as Security+, CEH, CISSP, OSCP, etc.) are OK if you're transitioning from another technical engineering field to become a security researcher. Passion and talent trump certifications!
  • Presented your own novel security research at a major security conference (e.g., Black Hat, DEF CON, RSA, etc.)? You're awesome – we want you!

Location

255 Main St Suite #702, Cambridge, MA 02142
