Nozomi Networks (www.nozominetworks.com) is the emerging leader of IoT cybersecurity. Whether our clients need fast product enhancements, onsite engineering support, or rapid deployment across continents, we deliver.
We accelerate digital transformation by providing exceptional network visibility, threat detection and operational insight for OT and IoT environments.
We are seeking a talented Sr. Cyber Threat Analyst to join our Security Research Team.
As part of the team, the candidate will be required to both analyze the newest emerging threats by reverse-engineering them (malware analysis) and actively develop the internal infrastructure to improve automation systems.
The position represents an opportunity to be part of a dynamic team working on advanced challenges.
The team focuses on improving the detection capabilities of our Threat Intelligence service by hunting for new threats, investigating malware-related incidents and protecting customers against criminals and nation-state actors targeting critical infrastructure.
The Sr. Threat Analyst is responsible for maintaining the prime quality of our service by working on different activities, as well as performing intelligence operations to collect the knowledge required to respond to advanced threats.
The Sr. Threat Analyst will also be responsible for writing technical blog posts to share research-related details with the community.
Skills & Requirements
Strong fundamental IT knowledge: administration of Windows and Linux-based systems; network protocols (OSI model); basic security concepts (like cryptography); common corporate dev tools (for version control, CI / CD, containerisation, etc.)
At least 3 years of reverse engineering and threat intelligence experience: an ability to fluently read low-level machine instructions and understand their purpose, mainly for x86 and ARM platforms; knowledge of the structure of various binary files (MZ-PE, ELF, etc.); experience in using common RE tools like IDA, Ghidra or Cutter / radare2, Wireshark, etc.; an ability to perform manual sample unpacking; experience with intrusion detection systems and network traffic analysis
At least 3 years of Python development experience: an ability to develop, extend and support big modular projects as part of a bigger team; experience with Agile software development mindset; following best engineering and development practices; experience with at least one of the major cloud computing vendors (AWS is preferred); good knowledge of CI / CD practices
Excellent verbal and written communication skills (English)
Previous experience in security companies
OSCP, OSCE, SANS GREM or similar certification preferred, but not required
Position preferred on-site in Mendrisio (Switzerland)
Remote positions will be considered as well
Flexible work hours
Generous vacation plan
Free coffee
New MacBook Pro + Monitor
A beautiful view of the Swiss Alps
Opportunities to grow
Annual training to further develop your current skillset or learn something new
Attending conferences (as an attendee or speaker)
Attending remote / on-site CTFs with the security research team
Information security certifications