Trend Micro IoT Reputation Service (IoTRS) analyzes billions of transactions every day collected from tens of millions of sensors and devices from all over the world. With big data analytics and machine learning, a bulk list of insecure IoT/ICS connections is generated and queried in real-time to help protect against malicious or compromised IoT/ICS devices. Our mission is to ensure people and organizations are protected against the botnet-like activity we saw with the honeypots and the similar attacks we will likely see from and against IoT/ICS devices.

We are seeking an experienced Threat Researcher to broaden our end-to-end data processing pipeline on AWS that collects and processes the massive volume of data from IoT/ICS devices and honeypots. The ideal candidate will be a self-motivated engineer with a solid background in network security and AWS.

1. Handle and enrich data processing pipeline that collect and process 250 GB of data per day which is sent from millions IoT/ICS devices on Amazon Web Services (AWS).

2. Generate insight reports based on the processed data to point out the IoT/ICS threat trends or describe the IoT/ICS attack campaigns.

3. Explore petabytes of REAL data collected from real-world and Work closely with other teams, data analysts, threat experts, and marketing team to achieve business objectives.

Must have:

1. Master degree or above in Computer Science or related fields

2. 3+ year experience in software development or penetration testing

3. Solid knowledge of either one of programming languages such as Python or C/C++

4. Master in network traffic analysis tool (eg. Wireshark), or protocols like HTTP, DNS, ModBus, etc.

5. A self-motivated fast learner with good teamwork and problem-solving skill

Nice to have:

1. 3+ yrs experience in software development, or 1+ yrs experience in signature/pattern development.

2. Experience with CIM, Industrial Control System (ICS), or SCADA is a plus.

3. Snort rules development, software reverse engineering for x86/ARM/MIPS, or exploit development.

4. The speaker of security conferences (e.g., BlackHat/Defcon/HITB/Hitcon/BSides and so on)

5. The International CTF (capture the flag; https://ctftime.org/ctf-wtf/) contest team member

6. Experience with AWS and data engineering

7. ICS CVE owner

8. Experienced Malware Reversing or unpacking

9. Fluent English in reading and writing, or TOEIC score of 600+.

10. Good problem solving or hands-on skills.