Principal Engineer - Network Security

Job Description :

The elevator pitch : Why would you enjoy this new opportunity?

VMware by Broadcom is the leader in datacenter infrastructure, networking and security business, and virtualization software.

We empower customers with solutions from the software-defined data center to hybrid cloud computing and the mobile workspace.

We have an exciting opportunity for a Principal Engineer on our Network Detection and Research Team part of the ANS Business Unit.

All candidates should make sure to read the following job description and information carefully before applying.

Our team is responsible for the development of the network intrusion detection capabilities for the VMware vDefend Advanced Threat Prevention (ATP), a cutting-edge networking and security analytics solution for the detection and prevention of advanced threats.

The team has been operating since 2014 and has built the award-winning network detection capabilities in the Lastline Defender product, now part of the NSX family.

We are passionate about network detection and threat research, and combine in a single team C++ developers responsible for engine development with developers maintaining the data collection infrastructure (on top of GCP / k8s) and the development of new detection capabilities in the product.

We strive to innovate and differentiate ourselves from other players in the space with a data-driven approach and a strong reliance on automation and machine learning.

If you are passionate about network threat detection, and you are willing to try out new ideas and approaches in the fight against malware and advanced threats, come and join us!

Success in the Role : What are the performance outcomes over the first 6-12 months you will work toward completing?

• You will master the IDS curation framework, a complex infrastructure collecting data on new trends in the threat landscape and evaluating against them our network detection capabilities
• You will be contributing on a day-to-day basis to our detection capabilities and take an active role in the threat detection team.
• You will write, review, improve Suricata signatures
• You will contribute to the creation of new tools and techniques, quickly prototyping new ideas to ensure their viability as well as bringing them to production
• You will achieve an in-depth understanding of the capabilities and limitations of the Suricata IDS engine.
• You will work with a global team in different geographical locations and you will have a unique opportunity to mentor and grow junior engineers while also developing your leadership skills.
• You will be an integral part of our leadership team and a thought leader within Broadcom and the industry.

The Work : What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?

• Lead and drive the architecture of our network detection pipeline.
• Constantly monitor the threat landscape and identify gaps in our detection capabilities that need to be prioritized.
• Ensure the delivery of high quality detections capable of detecting different variants of a given threat with minimal or no false positives.
• Explore out-of-the box ideas to the detection of specific threats, pushing the boundaries of the Suricata lua engine or expanding the Suricata codebase with new capabilities.
• Analyze large amounts of network data to identify interesting behaviors with the help of Elasticsearch / Kibana stacks.
• Review the activity of other members of the team and help to push for excellence.

Who you are :

• You are passionate about threat research and you are a methodical person comfortable in managing and analyzing large amounts of data.
• You are able to work independently and you are comfortable in working with a global team working in different timezones.
• You enjoy experimenting with new ideas, creating quick prototypes, and following academic papers to identify new approaches.

Preferred qualifications

• Bachelor's in Computer Science and 12+ years of experience in threat detection. Or, PhD in Computer Science with a focus on computer security or machine learning welcome and 7+ years of experience
• Knowledge of IDPS concepts and experience at developing IDS signatures.
• Deep working knowledge in python.
• Familiarity with docker and k8s environments.
• Experience in the analysis of security data and in the usage of Elasticsearch / Kibana stacks.

What is the leadership like for this role? What is the structure and culture of the team like?

The hiring manager for this role is Corrado Leita, who leads the Network Detection Research Team in the ANS Business Unit and is based in London UK.

The team is spread across US and Europe, and has strong roots in academic research with several members of the team having worked and published in top academic conferences on network security topics.

J-18808-Ljbffr