Research & Efficacy Analyst

  • Location
    Calgary, Alberta, Canada
  • Area of Interest
    Engineer - Software
  • Job Type
    Professional
  • Technology Interest
    Security
  • Job Id
    1023309
Who You'll Work With
The Research & Efficacy Team is composed of highly skilled individuals who are comfortable working in a fast-paced and technically challenging environment. The AMP Research and Efficacy Team is tasked with improving the detection and alerting capabilities of the AMP for Endpoints and Threat Grid product lines. Part of this work includes researching malware, attack and exploitation methods in order to generate indicators and signatures for alerting within both products.

What You'll Do
Interface directly with the Tier 3 support team to resolve issues with detection and other support cases.
Triage and aid in the remediation of false positive and false negative triggers covering the AMP architecture.
Identify the root cause of false positive detections and false negatives in the product, and suggest or implement remediation.
Analyze network traffic and binaries to identify malicious behavior and characteristics.
Suggest product improvements and enhancements through daily activities.
Identify and report prevalent malicious techniques.
Conduct research into the tools and tactics used by malicious authors.
Identify behavioral activity in recorded execution of software.
Identify benign or normal activity in recorded execution of software.

Who You Are
Minimum Qualifications
Knowledge of operating system internals including Windows, Linux and Mac OS
Prior knowledge or experience with malware detection or remediation
Ability to read and comprehend packet captures
Ability and prior experience in writing and validating threat signatures
Ability to write and validate parsers for a variety of file formats
Scripting or programming experience
Excellent communication skills
Ability to articulate technical issues

Preferred Qualifications
Reverse engineering and experience with IDA Pro, WinDbg, OllyDbg
Data mining and interpretation skills
Experience in and knowledge of Clojure
Background or knowledge of quality assurance

Why Cisco
We connect everything: people, processes, data, and things. We innovate everywhere, taking bold risks to shape the technologies that give us smart cities, connected cars, and handheld hospitals. And we do it in style with unique personalities who aren't afraid to change the way the world works, lives, plays and learns. 

We are thought leaders, tech geeks, pop culture aficionados, and we even have a few purple-haired rock stars. We celebrate the creativity and diversity that fuels our innovation. We are dreamers and we are doers.

We Are Cisco.