At Cowbell, our mission is to protect small to medium-sized enterprises by making cyber insurance accessible to all. Join our fast-growing team of diverse and passionate individuals on this mission to reinvent how businesses manage cyber risk and buy cyber insurance.
Cowbell is a fast-growing, next-generation cyber insurance provider, built on cutting-edge technology by a team of seasoned professionals united in their mission to achieve our ambitious goals. We believe in a people-first culture and know that great work isn’t done without a phenomenal team, so we make sure to reflect that in our core values, benefits & wellness program.
In support of increasing demand, we are actively looking for ambitious people, who are not afraid of hard-work, ambiguity and a dash of chaos, to join our team and be part of a growing institution where they can hone their skills and develop new ones in a fun, challenging and dynamic environment.
If that sounds like you, we want to hear from you!
Cowbell Cyber is hiring a Cyber Security Researcher to join our Information Security team.
Key Qualifications:
- Solid knowledge in networking and Internet protocols (OSI L4-L7).
- Experience with Ethical Hacking and Penetration Testing.
- Experience with security assessment tools, including Metasploit, Burp Suite Pro, Powersploit, Empire, CANVAS, Cobalt Strike or Core Impact, Kali Linux.
- Knowledge of NIST, CVE MITRE ATT&CK Framework, Cyber Kill Chain, Unify Kill Chain, OWASP, etc.
- Develop automation/scripts for replicating TTPs, attack scenarios, and work with the AI/ML detection team to improve the detection
- Knowledge coding with Python. Experience/Interests in data mining.
- Motivated self-starter with experience in operating in various underground environments, to include hidden sites/forums.
- Understanding of technical terminology, tools, and tactics employed by threat actors.
- Comprehensive, practical knowledge of research/collection tradecraft.
Preferred:
- Experience with any of AWS Security Hub, Google Security Command Center, Microsoft Secure Score is a plus.
- Experience working with SIEMs (e.g. ArchSight, Splunk, Nitro, AlienVault, Rapid7. ...).
- Experience working with various Vulnerability Management Products.
- Visibility in security community, through tool development contribution, blogs, conference speaking etc.
- Proficient in developing, extending, or modifying exploits, shell code or exploits tools.
- Experience with linking many attack steps to complex attack scenarios.
- Good programming, problem solving and analytical skills.
- Minimum 3+ years of relevant experience.
- Fast learner on new attack methodology and skills.
- Experience with SQL and NoSQL database.
Education:
- Education: BA or BS/MA or MS in Computer Science, Computer Engineering, or other related fields
- Other technical security certifications (OSCP, OSCE, GWAPT, GPEN, GXPN, CISSP) or academic background a plus.
What Cowbell brings to the table:
- Winner of Inc. Magazine’s Annual List of Best Workplaces for 2022
- Nationwide medical, dental and vision coverage plus life insurance, long term disability and flexible spending accounts.
- Employee equity plan for all and wealth enablement plan for select customer facing roles.
- Comprehensive wellness program including unlimited PTO, monthly company-wide wellness days, wellness app subscriptions, lunch and learn, book club, get-togethers, lunch & communication stipends, happy hours and much more.