See more Research Science jobs →

← Back to all jobs

Threat Research Engineer


Headquarters: Arlington, VA
See all Endgame jobs →

About the team...

Endgame’s Research team creates novel technologies which allow the Endgame platform to protect customers against advanced adversaries. The team includes data scientists, reverse engineers, adversary experts, and seasoned incident response and hunt operators all working together to produce some of the industry’s most powerful signatureless detection methods. Endgame Research delivers new capabilities directly into the Endgame product, allowing Endgame to innovate more rapidly than anyone else in the industry. We are also open, encouraging team members to share publicly and release free tools which have an impact beyond the Endgame customer base. If you want to work on innovative research with brilliant teammates and see your creations directly enabling Endgame customers to stop attacks, join our team.

About the role...

Endgame is seeking a Threat Research Engineer in our Research and Development team. Our threat research engineering work is experimental as well as applied, with a focus on collecting and processing massive quantities of data on a continual basis, underpinning and enabling Endgame’s advanced computer security research. You develop and maintain our data ingest and processing pipeline, comprised of commercial, open source and internally developed tools. You identify and implement improvements to our internal services, infrastructure, data sources, data collection and analysis tools in close collaboration with researchers and other Endgame teams. You also work to automate the creation and evaluation of our malware classification and other machine learning models. In short, do what’s required to keep the research flowing.

About you...
  • Proficiency in at least Python, OCaml, Rust or C, with the ability to pick up a new language and rapidly make use of it
  • Experience writing and managing distributed tools and REST microservices
  • Experience writing and managing data management and processing pipelines
  • Functional programming experience is a major plus. Minimally require an interest in and willingness to learn OCaml
  • Experience with one or more of: AWS, SQL, Docker, or cross-platform development and deployment
  • Ability to work in a fast paced and highly autonomous environment as part of a geographically distributed team