SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. The Principal Security Research Engineer will focus on building automation and internal tooling to facilitate the collection of recaptured third-party breach and malware data, while also mentoring junior researchers and engineers.
Responsibilities:
- Design, implement, and maintain internal tooling for acquiring and parsing recaptured underground data
- Build and deploy cloud infrastructure using Infrastructure as Code technologies
- Build and deploy automated CI/CD pipelines to test and deploy tooling and infrastructure
- Collaborate directly with the research team to support the targeting and collection of new data sources
- Be the subject matter expert on Security Research Engineering and the data acquisition process
- Leverage modern AI and LLM-based tooling to streamline development and collection workflows
- Constantly and independently work to identify improvements and automation opportunities in the recaptured data workflow and ETL pipelines
- Participate in security research including investigation of threat actors, malware, and other critical research in support of SpyCloud’s priorities
- Mentor junior security researchers and engineers, including providing code review and guidance on efficient code writing and professional development
Requirements:
- 6+ years of experience in a Senior role within cybersecurity engineering
- 6+ years of professional software development experience, preferably in the cybersecurity industry
- Experience using AI/ML in development workflows
- Experience implementing AI/ML in data processing applications
- Highly skilled with Python. Golang proficiency a plus
- Experience building internal tooling and deploying using Infrastructure as Code technologies (we use Terraform and Ansible)
- Bachelor's degree, or equivalent experience, in Math, Science, Engineering, or Business fields
- Self-directed with the ability to identify and deliver on tasks without needing direct supervision
- Critical thinker who is comfortable supporting collaborative problem solving in a team environment
- Excellent communication skills
- Highly self-motivated, empathetic, curious, and flexible
- Experience working with large enterprises in delivery of security analytics products
- Experience in acquiring and processing malware-exfiltrated data
- Experience in using data science to analyze datasets for the purposes of detecting fraud or cyberthreats
- Experience with databases (relational or NoSQL) and designing efficient database architecture