Oh, this position is no longer open. Sorry!
Security Research Engineer
Security Research Engineer
At Cowbell, our mission is to protect small to medium-sized enterprises from evolving cyber threats. Join our fast-growing team of diverse and passionate individuals on this mission to reinvent how businesses manage cyber risk and buy cyber insurance.
Cowbell is a fast-growing, next-generation cyber insurance provider, built on cutting-edge technology by a team of seasoned professionals united in their mission to achieve our ambitious goals. We believe in a people-first culture and know that great work isn’t done without a phenomenal team, so we make sure to reflect that in our core values, benefits & wellness program.
In support of increasing demand, we are actively looking for ambitious people, who are not afraid of hard-work, ambiguity and a dash of chaos, to join our team and be part of a growing institution where they can hone their skills and develop new ones in a fun, challenging and dynamic environment.
If that sounds like you, we want to hear from you!
Cowbell Cyber is hiring a Cyber Security Researcher to join our Data Science team.
- Solid knowledge in networking and Internet protocols (OSI L4-L7).
- Experience with Ethical Hacking and Penetration Testing.
- Experience with security assessment tools, including Metasploit, Burp Suite Pro, Powersploit, Empire, CANVAS, Cobalt Strike or Core Impact, Kali Linux.
- Knowledge of NIST, CVE MITRE ATT&CK Framework, Cyber Kill Chain, Unify Kill Chain, OWASP, etc.
- Develop automation/scripts for replicating TTPs, attack scenarios, and work with the AI/ML detection team to improve the detection
- Knowledge coding with Python. Experience/Interests in data mining.
- Motivated self-starter with experience in operating in various underground environments, to include hidden sites/forums.
- Understanding of technical terminology, tools, and tactics employed by threat actors.
- Comprehensive, practical knowledge of research/collection tradecraft.
- Experience with any of AWS Security Hub, Google Security Command Center, Microsoft Secure Score is a plus.
- Experience working with SIEMs (e.g. ArchSight, Splunk, Nitro, AlienVault, Rapid7. ...).
- Experience working with various Vulnerability Management Products.
- Visibility in security community, through tool development contribution, blogs, conference speaking etc.
- Proficient in developing, extending, or modifying exploits, shell code or exploits tools.
- Experience with linking many attack steps to complex attack scenarios.
- Good programming, problem solving and analytical skills.
- Minimum 3+ years of relevant experience.
- Fast learner on new attack methodology and skills.
- Experience with SQL and NoSQL database.
- Education: BA or BS/MA or MS in Computer Science, Computer Engineering, or other related fields
- Other technical security certifications (OSCP, OSCE, GWAPT, GPEN, GXPN, CISSP) or academic background a plus.
What Cowbell brings to the table:
- We are certified as a Great Place to Work.
- Nationwide medical, dental and vision coverage plus life insurance, long term disability and flexible spending accounts.
- 401K matching.
- Employee equity plan for all and wealth enablement plan for select customer facing roles.
- Comprehensive wellness program including unlimited PTO, monthly wellness day off, subscription to meditation app, lunch and learns, book club, weekly lunch stipends, happy hours and much more.
- Professional development and the opportunity to learn the ins and outs of cyber insurance, cyber security as well as continuing to build your professional skills in a team environment.