Careers
Join Our Team

Threat Intel Analyst

Do you like complex puzzles laced with mystery? Do you speak fluent STIX/TAXII? Do you obsess over TLP markings? We’ve been waiting for you!

We are looking for a motivated individual to work closely with our Security Operations Center (SOC) by bringing tailored threat intelligence insight to our SOC, threat hunting and incident response operations.

An ideal candidate meets the following guidelines:

Located in, or willing to relocate to, Austin, TX (sorry, not a remote position)
Avid researcher
Highly detail oriented and self-driven
Experience working in a SOC environment or incident response capacity
Experience with SIEM platforms
Experience with MITRE ATT&CK
Familiarity with threat rule formats such as Sigma, Suricata, Bro/Zeek, Yara, etc.
Experience with Common Information Model and other data standardization formats
Experience with intel sharing standards such as STIX, OpenIOC, MISP, etc.
Experience with various open source intel (OSINT) tools
Experience with vulnerability management
Familiarity with NIST Cyber Security Framework, CIS, and other industry standards
Experience with TheHive, Cortex, MISP, Graylog, Elastic Stack, osquery, sysmon

SecDevOps Architect

Do you like to get your hands dirty automating and deploying complex environments? Do you find yourself dreaming up infrastructure diagrams? Do you crave a challenge? We’ve been waiting for you!

We are looking for a motivated individual to support our SOC, threat hunting, and incident response operations.

An ideal candidate meets the following guidelines:

Highly detail oriented, self-driven, fast learner
Adept at identifying ways to improve infrastructure and reliability
Strong understanding of Agile/Scrum development methodology
Strong Linux and Windows skills
Experience with AWS (or similar cloud platforms/features) - EC2, VPC, CloudFormation, S3, RDS, ElastiCache, IAM, SNS, SQS, Cognito
Experience deploying and securing applications within cloud platforms
Knowledge of secure architecture and design principles
Experience with Graylog, Mongo, Elastic Stack, Redis, Kolide, MySQL, osquery, sysmon, TheHive, Cortex, MISP
Strong understanding of network fundamentals
Understanding of firewalls, proxies, load balancing
Familiarity with configuration management / automation tools - ex: Salt, Ansible, Packer
Familiarity with CI/CD tools - ex: CircleCI, Jenkins, or similar
Strong scripting skills with Python, Bash, or PowerShell

SecDevOps Engineer

Do you like working with complex environments? Do you find yourself getting lost in automation? Do you have a knack for server hardening and securing all the things? We’ve been waiting for you!

We are looking for a motivated individual to support our SOC, threat hunting, and incident response operations.

An ideal candidate meets the following guidelines:

Highly detail oriented, self-driven, fast learner
Experience with Linux and Windows
Strong knowledge of networking, firewalls, IDS/IPS
Experience with AWS (or similar cloud platforms/features) - EC2, VPC, CloudFormation, S3, RDS, ElastiCache, IAM, SNS, SQS, Cognito
Experience deploying and securing applications within cloud platforms
Preferred: experience with Graylog, Mongo, Elastic Stack, Redis, Kolide, MySQL, osquery, sysmon, TheHive, Cortex, MISP
Familiarity with configuration management / automation tools - ex: Salt, Ansible, Packer
Familiarity with CI/CD tools - ex: CircleCI, Jenkins, or similar
Experience with Python, Bash, PowerShell

If you are interested in working with our team, please submit a resume to careers@reconinfosec.com, with the position of interest in the subject line.