Cybersecurity Threat Analyst

At Cowbell, our mission is to protect small to medium-sized enterprises by making cyber insurance accessible to all. Join our fast-growing team of diverse and passionate individuals on this mission to reinvent how businesses manage cyber risk and buy cyber insurance.

Cowbell is a fast-growing, next-generation cyber insurance provider, built on cutting-edge technology by a team of seasoned professionals united in their mission to achieve our ambitious goals. We believe in a people-first culture and know that great work isn’t done without a phenomenal team, so we make sure to reflect that in our core values, benefits & wellness program. 

In support of increasing demand, we are actively looking for ambitious people, who are not afraid of hard-work, ambiguity and a dash of chaos, to join our team and be part of a growing institution where they can hone their skills and develop new ones in a fun, challenging and dynamic environment.

If that sounds like you, we want to hear from you!

Cowbell Cyber is hiring a Cyber Security Researcher to join our Information Security team. 

Key Qualifications:

• Solid knowledge in networking and Internet protocols (OSI L4-L7).
• Experience with Ethical Hacking and Penetration Testing.
• Experience with security assessment tools, including Metasploit, Burp Suite Pro, Powersploit, Empire, CANVAS, Cobalt Strike or Core Impact, Kali Linux.
• Knowledge of NIST, CVE MITRE ATT&CK Framework, Cyber Kill Chain, Unify Kill Chain, OWASP,  etc.
• Develop automation/scripts for replicating TTPs, attack scenarios, and work with the AI/ML detection team to improve the detection
• Knowledge coding with Python. Experience/Interests in data mining.
• Motivated self-starter with experience in operating in various underground environments, to include hidden sites/forums.
• Understanding of technical terminology, tools, and tactics employed by threat actors.
• Comprehensive, practical knowledge of research/collection tradecraft.

Preferred:

• Experience with any of AWS Security Hub, Google Security Command Center, Microsoft Secure Score is a plus.
• Experience working with SIEMs (e.g. ArchSight, Splunk, Nitro, AlienVault, Rapid7. ...).
• Experience working with various Vulnerability Management Products.
• Visibility in security community, through tool development contribution, blogs, conference speaking etc.
• Proficient in developing, extending, or modifying exploits, shell code or exploits tools.
• Experience with linking many attack steps to complex attack scenarios.
• Good programming, problem solving and analytical skills.
• Minimum 3+ years of relevant experience.
• Fast learner on new attack methodology and skills.
• Experience with SQL and NoSQL database.

Education:

• Education: BA or BS/MA or MS in Computer Science, Computer Engineering, or other related fields
• Other technical security certifications (OSCP, OSCE, GWAPT, GPEN, GXPN, CISSP) or academic background a plus.

What Cowbell brings to the table:

• Winner of Inc. Magazine’s Annual List of Best Workplaces for 2022
• Nationwide medical, dental and vision coverage plus life insurance, long term disability and flexible spending accounts.
• Employee equity plan for all and wealth enablement plan for select customer facing roles.
• Comprehensive wellness program including unlimited PTO, monthly company-wide wellness days, wellness app subscriptions, lunch and learn, book club, get-togethers, lunch & communication stipends, happy hours and much more.