
Dragos, Inc. · 2 months ago

Staff Analytics Engineer

Dragos is a market leader in ICS/OT Cybersecurity, dedicated to defending industrial organizations. They are seeking a highly skilled Analytics Engineer to enhance the security of operational technology environments by identifying and classifying OT assets, developing vulnerability mappings, and advancing threat detection capabilities.

Cyber Security · Network Security · Security

Responsibilities

Participate in efforts for discovering and cataloging OT assets using advanced detection methodologies
Work in tandem with reverse engineers to decipher proprietary protocols and uncover asset attributes using vendor documentation and protocol specifications
Partner with developers to integrate findings into Dragos’s threat detection and response platform
Contribute to the creation of detection logic and rules for real-time threat monitoring of atomic operations
Troubleshoot and fix both internal engine configurations and the Python analytics used for asset identification and atomic operations
Develop and document team CI/CD and testing standards, authoring unit, integration, and end-to-end tests to verify that characterizations and detections work as expected
Collect PCAPs using OSINT, generate PCAPs on a test range, or craft PCAPs with software, for use in both detection development and regression testing

Qualification

Python development · Cybersecurity experience · Network packet analysis · Suricata · Linux command line · Git version control · ICS/OT knowledge · Open-source research · Containerized solutions · AI/ML techniques · Data pipelines · SQL experience · ELK stack · Zeek · Yara

Required

4 years in a production software development environment, with 2 years of experience in Python development
6+ years in cyber security related field; operations, threat hunting, detection development, offensive operations, threat emulation, security research, or security tool development
Experience with analysis of network packet captures (PCAPs) and traffic using tools such as Wireshark and Network Miner
High level of experience using Suricata, Wireshark/tshark for network packet capture (PCAPs) analysis, and SIEM tools
Familiarity with containerized solutions for debugging
A solid understanding of both Linux and Windows command line tools for debugging
A strong ability to conduct open-source research
Experience with Git (or other software version control solutions)
ICS/OT knowledge and experience

Preferred

Experience developing in Rust or applying AI/ML techniques in production environments is a plus
Familiarity with building data pipelines using Python and cloud platforms (AWS, GCP, or Azure), along with SQL, data normalization, and data warehousing experience is beneficial
Exposure to OT technologies, such as PLC programming or HMI configuration, is nice to have
Knowledge of tools like Zeek or Yara for threat detection or network analysis is helpful
Experience with the ELK stack (Elasticsearch, Logstash, Kibana) for log and event analysis is a plus
Experience incorporating AI tools, models, or services into development workflows

Benefits

Competitive Equity Package
Comprehensive Benefits plan

Company

Dragos, Inc.

Dragos provides the most effective OT cybersecurity technology for industrial and critical infrastructure to deliver on our global mission: to safeguard civilization.

Funding

Current Stage
Late Stage
Total Funding
$438.2M
Key Investors
WestCap, Canaan Partners, DataTribe
2023-09-18 · Series D · $74M
2021-10-28 · Series D · $200M
2020-12-08 · Series C · $110M

Leadership Team

Robert Lee, Chief Executive Officer and Founder
Kurt Gaudette, Senior Vice President, Intelligence & Services

Company data provided by Crunchbase