Fastly helps the world’s most popular digital businesses keep pace with their customer expectations by delivering fast, secure, and scalable online experiences. Businesses trust the Fastly edge cloud platform to accelerate the pace of technical innovation, mitigate evolving threats, and scale on demand.
The edge between clients and data presents a unique location to enforce security policies. Building on behavior- and content-based controls, edge resources can be used to defend modern web-based applications from threats of varying sophistication. The SOC security researcher will focus their efforts on understanding ever-evolving web technologies and threats in order to help defend customer applications. By leveraging Fastly’s position, with some of the most exciting websites in the world, web security can grow to tremendous proportions as we address Internet-scale security threats. The security research team at Fastly focuses on creating novel capabilities for the organization, especially prototypes, algorithms, and insights. The team works with the rest of the security organization, the product and engineering teams, and the operations and customer-facing parts of the organization to develop solutions to security threats faced on the Internet today. As we expand our capabilities, we seek new insights into web application risks, and to assist with that we’re hiring a web application security researcher.
* This role will be responsible for investigating threats as they impact web applications, such as novel attacks and new protocols, and how to effectively defend against them.
* This role mixes exploit analysis and web application analysis together with security control development.
* The candidate will assist the security product team with insights and knowledge to improve the product.
* The SOC Security Researcher will explore new types of detection, including behavioral- and machine learning-based models, and leverage Fastly’s edge computing resources to defend some of the most interesting web properties today.
* You will build systems that will be able to handle exponential growth in our existing products while laying groundwork for exciting new applications.
* You will have the opportunity to work on some of the world’s most highly scaled distributed systems, which handle around 2 million requests per second.
* The candidate will primarily work with two main groups. The first is the security team, including the security research team. The second is our SOC team.
* The role may also interface with operations and product teams. In this research role, the candidate will be tasked with widely exploring new technologies to ensure our security product is capable of defending the web’s most exciting properties.
**To be effective in this role, you’ll benefit from experience in any or all of the following:**
* Web application exploit analysis, such as file include or SQL injection vulnerabilities
* Web application technologies like Ruby on Rails, Django, PHP and JS
* Web application security tools such as mod_security
* Working within cross-functional research and product teams
**We value a variety of voices, so this is not a laundry list. You’ll be a good candidate if you have experience and/or interest in SOME of these:**
* Linux/UNIX systems, both high and low level
* TCP/IP networking, in particular HTTP networking
* Familiarity with the OWASP Core Ruleset and mod_security ruleset
* Exploit reverse engineering
* Log and packet dump analysis
* Regular expressions and policy engines
* Coding experience, including languages such as Python, R, Julia, Java or Scala, or the like
An existing body of work, no matter how small, is greatly appreciated to demonstrate your capabilities and interest in the field. A candidate needn’t be a software engineer but is expected to sometimes use coding to develop and communicate their results and possible prototypes.
The best way to apply is by creating a DreamHire profile. This will ensure that your background and skills are accurate, and you can save your application as a draft and finish it later. It takes a few minutes to set up your profile.