About ENEA Qosmos division

Qosmos Deep Packet Inspection (DPI)-based technology identifies data traveling over networks in real time, providing a true picture of the traffic by identifying protocols, types of application, and extracting additional information in the form of metadata. Qosmos DPI engine recognizes over 3800 protocols and can extract over 5000 metadata - more than any other on the market. Equipment makers, telco and enterprise software vendors use the technology to gain application visibility, accelerate time to market and benefit from continuous signature updates.

Qosmos is also redefining Performance and Time-to-Market for Intrusion Detection Systems (IDS) via its Qosmos Threat Detection SDK, which helps cybersecurity software developers jump-start IDS development and boost the threat detection performance of their solutions. The Qosmos TD SDK embeds core functionalities from the industry’s best-in-breed IDS, Suricata, in a software development kit (SDK) that integrates tightly with Qosmos DPI engine.

Listed on NASDAQ OMX Nordic Exchange Stockholm AB, Enea is an open-company ready for the open-source ecosystem, a company that understand, support and promote the daily needs and aspirations of its team members.

The Role

As a Cybersecurity expert in Threat Research & Detection, you will collaborate with an innovative, collaborative, industry-leading R&D team, and you will contribute to implement the company’s strategy in cybersecurity with the following responsibilities:

• Lead the setup & automation of a cybersecurity lab for malware & TTP’s analysis, experimentation and training purposes.
• Lead malware analysis, extract malware IOC’s & TTP’s, and produce high-fidelity detection signatures.
• Participate in research related to machine learning-based threat and anomaly detection focusing on network traffic.
• Contribute to the design of new cybersecurity-oriented products/features on top Qosmos NG DPI.
• Educate, train, and provide guidance to R&D team members on key cybersecurity subjects.
• Carryout experiments and prototyping to determine feasibility of solutions to complex engineering problems.
• Contribute to conversations on product strategy and direction.

What You Bring To The Team

• An expertise and a passion for threat research & detection, and a deep understanding of the cybersecurity threat landscape.
• Ability to qualify and develop high quality detection signatures based on analysis of malicious behavior. proficiency in writing Suricata rules is highly appreciated.
• Experience with systems such as IDPS, NDR, XDR, SIEM or SOAR.
• Familiarity with existing TTP frameworks (MITRE ATT&CK, Cyber Kill Chain)
• Strong communication & collaboration skills.
• Willingness to get things done, take initiative and challenge existing assumptions and conventions.

Experience in any of the following will be a big plus :

• Experience in applying Machine Learning/Deep Learning techniques to detecting network threats or network anomalies.
• Experience with one or more of the following programming languages: Python, C, Rust.