One of the hardest things in life is finding the right place to work, where you can spend eight to ten hours a day doing something you enjoy and also pay your bills. I’ve been lucky enough in my life to find this type of place three times: HiverWorld, Farm9, and Sourcefire. Each one of these places had a number of attributes that made it appealing to me, and made it where I wanted to spend the vast majority of my time. Since I’m lucky (maybe unlucky) enough to be the guy responsible for the Sourcefire VRT, I’ve been able to take all the things that appealed to me about all these companies, and build a team where the people have all the right personality traits, and the environment has all of the right factors.

If the following 10 things appeal to you and describe the qualities you want in your co-workers and your workplace, then the VRT is interested in talking with you. Please submit your resume on Sourcefire’s website or send us a message at research@sourcefire.com.

Submit Resume here

  • Passion (for the work) – Very few people are trained academically for vulnerability analysis, malware analysis, network engineering, or hacking. It is something that is learned by experience and experimentation. If you have dedicated your free time and lost countless days and nights perfecting some portion of it then you have the passion I’m talking about.
  • Good people – If you enjoy an environment where everyone around you is better than you at something and is willing to teach you their skill in exchange for your own, then the VRT might be the right place for you.
  • Goals – Clear definitions of strategic goals to the best of my ability and my managers’ abilities. If we can’t clearly explain the “why” then we won’t ask you to waste your time on it.
  • Belief – A group of people that share an intrinsic belief that it is possible to accomplish difficult, if not “currently” impossible, goals. More importantly, this belief is present not because of arrogance, but because of our experience proving that we actually can accomplish these goals.
  • Drive – A personal drive that exceeds the average. If you’ve worked on a problem for many months, still haven’t solved it, but truly believe you will shortly, you are either hard-headed or have a lot of drive. Whether you’re pushing yourself by hitting your head on a wall, or just plain never giving up, you will most likely create a positive outcome.
  • Latitude – If you hate rules but understand personal responsibility, this might be the environment for you. You’ll get just enough rope to hang yourself, as long as you take responsibility for your own demise.
  • Trust – An environment where you can trust the people you work with to actually do what they say, do it to the best of their ability, and trust you to do the same.
  • Responsibility – For your actions and your words. If you broke it, you fix it. If you said you would do it, do it.
  • Risk – An environment where you are allowed to take risks in the pursuit of goals. Risk is the potential to fail and without failure there is no opportunity to learn. You will be able to take risks as long as you sign up for the responsibility of failing.
  • Leadership – You expect the people above you to actually lead, and trust them enough to actually follow them.

If these ten things fit your personality, and describe the place you want to work, please see the job description below. When submitting your resume, please include either a comment or something in your actual resume that references the fact that you read this post.

Title: Research Analyst

Basic Purpose

This role is primarily responsible for developing Snort rules and other protection mechanisms for Sourcefire products based on information from public and private vulnerability feeds. The researcher will work on a team of analysts that are responsible for rapidly developing the necessary protection methods to protect Sourcefire customers from emerging threats. Research analysts also work with a variety of fuzzing frameworks, exploit development tool kits, and code coverage tools to quickly develop PoC (Proof of Concept) test cases for public vulnerabilities.

Essential Duties and Responsibilities

  • Develop Snort rules, ClamAV signatures, and risk analysis reports for internal review and external customers.
  • Conduct vulnerability analysis and risk assessments on public and private vulnerabilities.
  • Develop PoC test cases for vulnerabilities based on the information provided for triggering the vulnerabilities.
  • Work with fuzzing tools and code coverage tools to develop threat profiles for open and closed source applications.
  • Debug false positives and false negatives in Snort rules and other protection mechanisms.

Essential Education, Skill, and Environment

Education and Work Experience

  • No previous work experience or formal education required.

Required Knowledge and Skills

  • Experience configuring Windows and Linux/UNIX applications.
  • Strong analytical and troubleshooting skills.
  • Experience with TCP/IP and networking in general.
  • Intermediate knowledge of PERL, Python, and/or Ruby.
  • Ability to learn new skills and apply them in a rapidly changing, high-pressure environment.

Preferred Knowledge and Skills

  • Experience with Snort & other network security tools.
  • Experience with network configuration and deployment.
  • Experience with PCRE or equivalent regular expression library.
  • Highly motivated and creative.

Work Conditions

  • Works closely with software reverse engineers and research analysts to quickly develop Snort rules and other protection mechanisms based on the provided vulnerability details.
  • Moderate to high levels of stress will occur at times.
  • Fast paced and rapidly changing environment.
  • Extremely talented and experienced team members and mentors.
  • No special physical requirements.
  • Constant internal training, drinking games, and heated discussions.