Research Engineer - Efficacy Engineering

  • Location:
    San Francisco, California, US
  • Area of Interest
    Engineer - Software
  • Job Type
  • Technology Interest
    Internet of Everything, Networking, Security
  • Job Id

Role & Responsibilities

Researchers in this role regularly pore through our corpora of telemetry and archived messages and threats, seeking patterns that identify bad actors. They invent novel approaches to threat detection and work in small groups to build detection content and proof-of-concept models, which either transition to internally supported tools or transition to our software teams to be hardened and further developed based on guidance provided by EE. Specific responsibilities include:

  • Data mining of all types
  • Good pattern recognition: identifying new threats as they surface
  • Rapid prototyping of code to automate a newly discovered threat pattern
  • Collaborating between several very different teams to meet efficacy goals
  • Furthering Talos’s strong connection with the security industry
  • Maintaining a high threat catch rate for our products

Minimum Qualifications

  • Strong interest in security
  • Professional experience in SW dev, scripting, or threat research
  • Proven record of delivering quality in a highly available & scalable environment
  • Proficiency in Python and/or Perl
  • High comfort on a UNIX shell (grep, sed, awk, etc.)
  • No stranger to PCRE
  • Strong verbal, written, analytical, and persuasive skills
  • Good understanding of statistics and probability
  • Flexible and adaptable, able to switch gears in high-stress situations

Desired Skills

(ideal candidates have more than half of these)

  • Regex Golf: Score 2000+ on hard mode at
  • Experience in hacking activities (e.g. Capture the Flag)
  • Knowledge of anti-spam technologies
  • Understanding of cryptographic techniques
  • Background in malware analysis
  • Familiarity with HTML and email formatting (RFC822: headers, MIME)
  • Understanding of SMTP, HTTP, and DNS protocols
  • Experience with Perforce and Git source control systems
  • Proficiency in querying SQL in a live production environment
  • Have deployed or administered email-related infrastructure
  • Skilled in traversing complicated network topologies (like advanced ssh/nc)
  • Advanced shell scripting skills (in addition to Perl and Python)
  • Able to decipher obfuscated HTML and JavaScript
  • Experience with established big data tools (Hadoop, Elasticsearch)
  • Experience with graph theory and/or graph databases (e.g. Titan)
  • Versed in machine learning concepts (SVM, CNN) and technologies like liblinear
  • Fluent in one or more non-English written languages

We connect everything - people, process, data and things. We innovate everywhere to create fresh ideas and possibilities. We make a meaningful difference that will benefit everyone - our people, our customers and the world around us.

Our technology changes the way the world works, lives, plays and learns. But our edge doesn't come from technology. It comes from our people. We're looking for the kind of people who take smart risks, thrive in diverse environments, inspire their colleagues, and are committed to having an impact on the world. Whether you create technology solutions that redefine business or build connections that strengthen the community, you can make it happen at Cisco!