Booking Holdings Romania - Cyber Threat Research Engineer
Booking Holdings | Full-time | Full day
Booking Holdings Romania is a Center of Excellence based in Bucharest, Romania and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry standard processes, and collaboration opportunities across all of our Brands. As part of our Booking Holdings Romania team, you will have the opportunity to be a part of the world's leading provider of online travel, with a mission of making it easier for everyone to experience the world through six primary consumer-facing brands: Booking.com, Priceline, Agoda, KAYAK, OpenTable and Rentalcars.com.
Role description
As a Cyber Threat Research Engineer at BHI Group Cyber Defense (CDR) Services, you will be responsible for enhancing detection, prevention and response excellence, staying ahead of emerging threats, and enhancing capabilities through researching various threats. This pivotal role fortifies the BHI Group cyber defense, executing adversary emulation programs and performing threat research on emerging threats. This individual will play a critical role in maintaining the cybersecurity posture of the organization, ensuring the company remains resilient and responsive to ever-evolving cyber threats.
Key Job Responsibilities and Duties
- Upholding the edge at CDR Services, focused on delivering quality detection and response with a strong emphasis on adversary and cyber defense
- Cultivating a proactive approach by actively researching emerging threats, malware, TTPs, and threat actors
- Demonstrating practical expertise by analyzing phishing threats and malware like AgentTesla, Redline to fortify our defense mechanisms
- Performing Adversary Emulation using Breach & Attack Simulation (BAS) tools by validating security controls (EDR, Firewall, etc.) against diverse malware and threat actor TTPs.
- Simulating malware within a controlled environment to assess the security postures and providing recommendations for enhancements
- Craft research-based threat hunting packages for threat hunting teams
- Analyze, synthesize, and present research findings to both internal teams and external audiences.
- Collaborate closely with cybersecurity teams, contributing to threat detection use cases.
- Staying ahead of threats by continuously monitoring attacker tools and new adversarial TTPs.
- Developing code/scripts to streamline threat data analysis and automation to improve the efficiency of threat research
- Utilizing coding and scripting skills to analyze various advanced malware
- Bachelor's degree or equivalent experience
- Strong understanding in one of the following areas: Malware Analysis, Red or Purple Teaming, Threat intelligence, Threat Detection or Incident Response.
- Solid understanding of malware and various phishing attacks.
- Knowledgeable in identifying threats within at least one major operating system (Windows or Linux).
- Familiarity with the kill-chain model, ATT&CK framework, and modern attack techniques
- Demonstrated knowledge of common and emerging attack techniques
- Experience with commercial Endpoint Detection & Response (EDR) platforms.
- Fundamental knowledge of at least one cloud technology
- Excellent interpersonal and communication skills
- Constantly demonstrates ownership and proactiveness in solving challenges.
- Proficient in solving challenges, prioritizing tasks, and managing context switching.
- Good experience in malware analysis or adversary emulation simulation is highly helpful.
- The candidate will need to possess good coding skills, primarily in Python and SQL, which will be used daily.
- The candidate will be required to write code for conducting advanced Cyber Investigations, Research, and Threat Hunting.
- The candidate should have good knowledge of other coding languages such as [.NET, C++] for Reverse Engineering activities
- Contributing to a high-scale, complex, world-class product and seeing real-time impact of your work on millions of travelers worldwide.
- Working in a fast-paced and performance driven culture.
- Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation.
- Competitive compensation and benefits package.
Booking Holdings is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.
If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.