About the role

The Security Services organization is responsible for building core security products and features such as Data Loss Prevention IPS Malware and Threat Prevention Cloud Confidence Index and Breach and Anomaly Detection. We apply Artificial Intelligence and Machine Learning technologies across the Netskope cloud security platform. As part of the Security Services org the Security Efficacy team is responsible for continuous enhancement and enrichment of our malware detection URL filtering web security network security and AI/ML security capabilities.

What you will be doing

• Design and develop novel detection mechanisms to detect latest attacks abuse exploits about enterprise applications or services.
• Ensure continuous high efficacy on all Netskope products through well designed internal testing and collaboration with 3rd-party testing agencies;
• Respond to customer escalations. Cover latest threat discovered. Ensure the detection efficacy of Netskope threat protection.
• Work closely with data scientists threat researchers software engineers and QE engineers ensure our solutions deliver continuous security values to end customers;
• Document detection release process testing methodology testing environment and results. Be the end-to-end owner of detection efficacy;
• Lead in-depth investigation into emerging cyber threats APT groups and new advances related to network security.

Qualifications/Requirements

• First of all candidates must have a true startup spirit. Be willing to wear multiple hats and deliver end-to-end products together with collaborators from different teams and organizations.
• 8 years industry experience in threat detection engine development (i.e. AVEngine Sandbox IPS phishing page/email etc.)
• 4 years experience in building AI/ML based projects with data scientists.
• Data mining and machine learning experience are highly desirable. Experience in model training testing data labeling validation etc.
• In-depth knowledge of machine learning foundation.
• Hands-on experience on AI/ML applications/services will be a plus.
• Background in threat research experience in static and dynamic analysis tools (e.g. IDA Pro Ghidra) network analysis tools (e.g. Wireshark Zeek) and sandbox environments.
• Understand and comfortable with parsing file structure of common file types including script and pcap files.
• Strong understanding of network protocols system internals (Windows Linux) database/OS/application related vulnerabilities & exploits and attack techniques such as fileless malware obfuscation and evasion.
• Rich experience in Python programming.
• Working knowledge of SQL and NoSQL databases.
• Hands-on experience in public cloud infrastructure (AWS GCP or Azure) is a plus.
• Hands-on exploits experience/CTF experience is a plus.
• Design and develop accurate high-quality signatures and detection rules for threat detection systems
• Energetic self-starter with the desire to work in a dynamic fast-paced environment
• Excellent verbal and written communication skills

Education

• BS or MS in Computer Science or equivalent technical degree

#LI-BL2