Senior Threat Researcher

About the team...

Endgame’s Research team creates novel technologies which allow the Endgame platform to protect customers against advanced adversaries.  The team includes data scientists, reverse engineers, adversary experts, and seasoned incident response and hunt operators all working together to produce some of the industry’s most powerful signatureless detection methods.  Endgame Research delivers new capabilities directly into the Endgame product, allowing Endgame to innovate more rapidly than anyone else in the industry.  We are also open, encouraging team members to share publicly and release free tools which have an impact beyond the Endgame customer base.  If you want to work on innovative research with brilliant teammates and see your creations directly enabling Endgame customers to stop attacks, join our team.

About the role...

Endgame is seeking a Senior Threat Researcher to prototype or extend techniques in the Endgame Windows sensor to detect or prevent malicious activity on monitored endpoints.   You apply hands-on expertise developed during previous research, engineering, hunt, or incident response activities to advance Endgame efforts to detect active intrusions.  You define and implement ways to improve Endgame’s security-relevant visibility on endpoints and implement user-mode real-time analytics and heuristics on data to detect malicious activity on our sensor. You collaborate with the Engineering department to rapidly take prototypes to production quality and deliver them to customers.

About you...

  • 5+ years hands-on experience in threat research, incident response, malware reverse engineering, hunt operations, or related activity
  • Experience identifying and analyzing important artifacts or events on Windows, Linux, or Mac systems in the context of a cyber breach investigation
  • Proficiency in Python, C, and C++
  • Ability to pick up a new language and rapidly make use of it
  • A deep understanding of computer systems, networks, and protocols
  • Strong working knowledge of Windows internals
  • Kernel programming experience is a plus
  • Demonstrable passion for cyber security including continual learning about adversary tools and techniques
  • Experience analyzing malicious binaries to include extraction of IOCs, creation of detection signatures, and correlation with other malware
  • Knowledge of red team and penetration testing tools and frameworks
  • Ability to work in a fast paced and highly autonomous environment
  • Knowledge or experience of machine learning applied to the information security domain is a plus

About Endgame...

Endgame's endpoint protection platform brings certainty to security with the most powerful scope of protections and simplest user experience, ensuring analysts of any skill level can stop targeted attacks before information theft. Endgame unifies prevention, detection, and threat hunting to stop known and unknown attacker behaviors at scale with a single agent.

At Endgame, people are everything. Our team operates at the cutting edge of technology, building products that protect enterprises against the most committed cyber adversaries. 

Our team boasts some of the industry's brightest and most sought after minds in this field. We are passionate about what we do. We take our business seriously, but our environment is fun, energetic and highly collaborative. We understand that to build a great product, you need great people. This is a unique opportunity to be part of a team of talented individuals who are out to shape the future of cyber security.

Endgame is an Equal Employment Opportunity Employer – Disabled/Vet/Minority/Female/Sexual Orientation/Gender Identity.  We are committed to diversity, inclusion, and innovation in the workplace and encourage all qualified applicants to apply.

Endgame is unable to sponsor H1-B or other visas at this time.

San Francisco, CA, United States