Careers

We are currently looking for the following profiles. You can apply by sending your curriculum vitae to careers@certego.net.

Threat Intelligence Developer (ref: TID)

Who is your team

You will be part of the Threat Intelligence R&D Team, who strives every day to keep Certego ahead from the threat actors with the generation of actionable information for our analysts and our customers.

Your activities will consist of:

  • participating in the development, deployment and maintenance of our Threat Intelligence Platform and all other related existing projects (honeypots, sandboxes, analyzers, etc.)
  • participating in the design and creation of new software solutions, both open source and proprietary
  • working closely with our Threat Intelligence Analysts to continuously improve our TI solutions based on their feedback
  • working with a variety of technologies from the full application stack

What we expect from you

  • At least 1 year of experience in Software Development
    • We will also take into consideration profiles with no experience in those subjects but with a strong and proven motivation
  • Master's degree in Computer Engineering or Information Sciences; alternatively, specific experience in the fields above, to be evaluated during the interviews.
  • Knowledge of spoken and written English (level B2 written, B2 spoken)
  • Basic knowledge of spoken and written Italian (not mandatory)
  • Ability to manage and organize your work independently
  • Relational and communicative skills
  • Predisposition to team work
  • Attitude to learning and constant desire to develop new skills

The following technical skills will constitute a plus:

  • Experience in open source software development
  • Experience with:
    • Python and Django
    • Javascript and ReactJS
    • NoSQL databases (MongoDB, ElasticSearch, …)
    • Docker
    • Linux
  • Experience in cyber security related subjects

What we offer

Training:

  • Technical training: on reference technologies through certifications and participation in courses and events
  • Training on the job: coached by more experienced colleagues
  • Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

  • Young
  • Innovative
  • Close-knit
  • Collaborative

Placement and remuneration will be commensurate with your skills and potential.

The workplace is Via F. Lamborghini 81, Modena, MO (Italy); we are available to evaluate forms of smart working and fully remote positions. Working hours are in the Central European Time Zone but we are open to different solutions.

Developer and Security Engineer (ref: DSE)

Who is your team

You will be part of our Attack Detection Team, who is in charge of the development, deployment and management of all components of the PanOptikon SOAR Platform used to detect attacks and orchestrate and automate response actions.

Your activities will consist of:

  • Collaborating with the Lead Engineer and other components of the Attack Detection Team for the development of all software components in our Sensors: research and development of new methodologies, improvement of the existing ones.
  • Developing and maintaining all connectors and with third party technologies, both in the cloud and on-premises (e.g. integration modules with Amazon AWS, Microsoft 365, etc).
  • Taking part in the design and development of new functionalities and new modules, in collaboration with our Threat Intelligence and Threat Research teams.
  • Collaborating to the design and management of the software release and continuous development processes: you will keep stable and secure the system rolling out new software releases on our 150+ appliances.

What we expect from you

  • At least two years of experience one of the following fields:
    • Security Operations Center or Incident Response Team;
    • Malware Analysis, Reverse Engineering;
    • Software Development, especially if related to Cyber Security.
  • Master's degree in Computer Engineering or Information Sciences; alternatively, specific experience in the fields above, to be evaluated during the interviews.
  • Knowledge of spoken and written English (level B1 written, A2 spoken)
  • Basic knowledge of spoken and written Italian (not mandatory)
  • Relational and communicative skills
  • Ability to manage and organize your work independently
  • Predisposition to team work
  • Attitude to learning and constant desire to develop new skills

The following technical skills will constitute a plus:

  • Good knowledge of the following technologies:
    • Python and Django;
    • Docker;
    • Elasticsearch;
    • Salt Stack or any other configuration management solution;
    • Linux.
  • Knowledge of Network- and Host-based IDS and IPS, vulnerabilities and attack techniques.
  • Knowledge of Cloud SaaS and IaaS environments and their peculiarities, also in terms of security.

What we offer

Training:

  • Technical training: on reference technologies through certifications and participation in courses and events
  • Training on the job: coached by more experienced colleagues
  • Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

  • Young
  • Innovative
  • Close-knit
  • Collaborative

Placement and remuneration will be commensurate with your skills and potential.

The workplace is Via F. Lamborghini 81, Modena, MO (Italy); we are available to evaluate forms of smart working and fully remote positions. Working hours are in the Central European Time Zone but we are open to different solutions.

Threat Intelligence Engineer (ref: TIE)

Who is your team

You will be part of the Threat Intelligence R&D Team, who strives every day to keep Certego ahead from the threat actors with the generation of actionable information for our analysts and our customers.

Your activities will consist of:

  • Collaborating with the Lead Engineer and other components of the team for the development of the components of the Threat Intelligence Platform and all other related projects (honeypots, sandboxes, analyzers, etc.);
  • Researching smart and efficient ways to automate the generation of valuable and actionable threat intelligence information;
  • Following the threat landscape by monitoring threat actors targeting our customers;
  • Performing basic-to-advanced malware analysis and reverse engineering;
  • Writing new detection logic, and maintain already existing one, for the malware sandboxes and the reputation services;
  • Writing internal reports and public articles in the blog;
  • Participating in public presentations.

What we expect from you

  • At least 1 year of experience in Malware Analysis or Threat Intelligence.
    • We will also take into consideration profiles with no experience in those subjects but with a strong and proven motivation.
  • Master's degree in Computer Engineering or Information Sciences; alternatively, specific experience in the fields above, to be evaluated during the interviews.
  • Knowledge of spoken and written English (level B2 written, B2 spoken).
  • Basic knowledge of spoken and written Italian (not mandatory).
  • Relational and communicative skills.
  • Ability to manage and organize your work independently.
  • Predisposition to team work.
  • Attitude to learning and constant desire to develop new skills.

The following technical skills will constitute a plus:

  • One or more of the following GIAC certifications: GREM, GCTI, GDAT
  • Experience with disassemblers or debugger tools
  • Experience in incident response or digital forensics
  • Experience with:
    • Python & Django
    • Elasticsearch
    • Docker
    • Linux

What we offer

Training:

  • Technical training: on reference technologies through certifications and participation in courses and events
  • Training on the job: coached by more experienced colleagues
  • Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

  • Young
  • Innovative
  • Close-knit
  • Collaborative

Placement and remuneration will be commensurate with your skills and potential.

This is a fully remote, worldwide position and any time zone will do. If you prefer to work on site, we have a desk for you in our Headquarters in Via F. Lamborghini 81, Modena, MO (Italy).

Threat Research Engineer (ref: TRE)

Who is your team

You will be part of the Threat Research Team, who works every day to analyze new malicious software and new attack techniques, in order to provide the rest of the teams with actionable information that can be used for the detection, analysis, containment, removal and prevention of cyber attacks.

Your activities will consist of:

  • Continuously testing and evaluating open and closed source security solutions in real case scenarios;
  • Performing Purple Team activities: use our Malware Analysis lab to study the behavior of new malware strains and replicate new attack techniques, in order to observer how to detect, analyze, block and remove them;
  • Expanding and maintaining our virtual test lab: OS, software and specific tools needed for our tests;
  • Writing new detection rules and maintaining already existing ones for all the technologies we manage (EDRs, IDS, Log correlation and experimental tools);
  • Developing custom tools and modules related to Threat Hunting, Incident Response and Mitigation;
  • Writing and maintaining Playbooks that cover advanced attack scenarios;
  • Performing advanced Incident Response in complex scenarios;
  • Writing internal reports and public articles on our blog, regarding new interesting attack techniques, new malware strains, etc;
  • Participating in public presentations and conferences.

What we expect from you

  • At least 3 years of experience in one or more of the following areas.
    • Purple Team
    • Red Team
    • Signatures Development
    • Malware Analysis
    • Reverse Engineering
    • Operating System internals (especially from a security prospective)
    • Low level security programming
    • Low level network programming
  • We will also take into consideration profiles with no experience in those subjects but with a strong and proven motivation.
  • Knowledge of spoken and written English (level B2 written, B2 spoken).
  • Basic knowledge of spoken and written Italian (not mandatory).
  • Relational and communicative skills.
  • Ability to manage and organize your work independently.
  • Predisposition to team work.
  • Attitude to learning and constant desire to develop new skills.
  • Strong motivation.

The following technical skills will constitute a plus:

  • Master's degree in Computer Engineering or Information Sciences
  • RedTeam certifications: GPEN, GWAPT, GXPN, GCPN
  • Purple Team certifications: GDAT, GFACT
  • (Almost) all SANS and Offensive Security certifications related to the skills listed above
  • Experience with disassemblers or debugger tools
  • Experience in incident response, threat hunting and digital forensics
  • Experience in OS internals/development
  • Experience in attack techniques
  • Experience in detection/response/prevention/mitigation logic and tools
  • Experience with Python, Powershell, Bash, Batch
  • Experience with C, C++, Rust, ASM and shellcode development
  • Experience with advanced layer 7 network protocols ( ex. DCERPC/SMB/WinRM/Kerberos/LDAP/Netbios/LLMNR ...)
  • ELK stack
  • Linux and Windows

What we offer

Training:

  • Technical training: on reference technologies through certifications and participation in courses and events
  • Training on the job: coached by more experienced colleagues
  • Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

  • Young
  • Innovative
  • Close-knit
  • Collaborative

Placement and remuneration will be commensurate with your skills and potential.

The workplace is Via F. Lamborghini 81, Modena, MO (Italy); we are available to evaluate forms of smart working and fully remote positions. Working hours are in the Central European Time Zone but we are open to different solutions.

Cyber Security Analyst and Delivery Engineer (ref: CSADE@UTC+1)

Who is your team

You will be part of the Certego Incident Response Team and will assist your colleagues during the activation of new Customers, and during analysis and response to cyber security incidents on Customer networks. In particular, you will contribute:

  • to the delivery and activation of new Customers, or new services on existing Customers;
  • to the analysis and response to IT incidents on Customer networks;
  • to study the threat landscape, in order to optimize the detection capabilities of the Certego PanOptikon platform;
  • to the study of new detection techniques;
  • to the creation of tools aimed at making the Incident Response Team operations more efficient;
  • to the analysis and reporting of vulnerabilities exposed by Customer networks;
  • to the development of the relationship with customers, through the generation of security reports and the presentation of the same.

What we expect from you

  • Bachelor's Degree in Engineering or Computer Science; alternatively, a high school diploma followed by specific experience or training in cyber security
  • Participation in courses specific to the role of Cyber Security Analyst or Penetration Tester will constitute a plus
  • Good knowledge and experience from 2 to 5 years in the following areas:
    • Linux operating system
    • basic networking (network protocols, ISO/OSI model)
    • basic scripting (e.g. Python, bash)
    • network and host IPS/IDS
    • vulnerabilities and attack techniques
  • Malware analysis skills will be a plus
  • Good knowledge of spoken and written Italian is required for this position
  • Knowledge of spoken and written English (level B1 written, A2 spoken)
  • Relational and communicative skills
  • Ability to manage and organize your work independently
  • Predisposition to team work
  • Attitude to learning and constant desire to develop new skills

What we offer

Training:

  • Technical training: on reference technologies through certifications and participation in courses and events
  • Training on the job: coached by more experienced colleagues
  • Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

  • Young
  • Innovative
  • Close-knit
  • Collaborative

Placement and remuneration will be commensurate with your skills and potential.

The workplace is Via F. Lamborghini 81, Modena, MO (Italy); we are available to evaluate forms of smart working. Working hours are in the Central European Time Zone.

Cyber Security Analyst - UTC+9 (ref: CSA@UTC+9)

Who is your team

You will be part of the Certego Incident Response Team and will assist colleagues in the analysis and response to cyber security incidents on Customer networks. In particular, you will contribute:

  • to the analysis and response to IT incidents on Customer networks
  • to study the threat landscape, in order to optimize the detection capabilities of the Certego PanOptikon platform
  • to the study of new detection techniques
  • to the creation of tools aimed at making the Incident Response Team operations more efficient
  • to the analysis and reporting of vulnerabilities exposed by Customer networks
  • to the development of the relationship with customers, through the generation of security reports and the presentation of the same.

What we expect from you

  • Bachelor's Degree in Engineering or Computer Science; alternatively, a high school diploma followed by specific experience or training in cyber security
  • Participation in courses specific to the role of Cyber Security Analyst or Penetration Tester will constitute a plus
  • Good knowledge and experience from 2 to 5 years in the following areas:
    • Linux operating system
    • basic networking (network protocols, ISO/OSI model)
    • basic scripting (e.g. Python, bash)
    • network and host IPS/IDS
    • vulnerabilities and attack techniques
  • Malware analysis skills will be a plus
  • Knowledge of spoken and written English (level B1 written, A2 spoken)
  • Relational and communicative skills
  • Ability to manage and organize your work independently
  • Predisposition to team work
  • Attitude to learning and constant desire to develop new skills

What we offer

Training:

  • Technical training: on reference technologies through certifications and participation in courses and events
  • Training on the job: coached by more experienced colleagues
  • Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

  • Young
  • Innovative
  • Close-knit
  • Collaborative

Placement and remuneration will be commensurate with your skills and potential.

This is a fully remote, worldwide position; working hours are in the UTC+9 zone (East Asia, Oceania).

Cyber Security Analyst - UTC-7 (ref: CSA@UTC-7)

Who is your team

You will be part of the Certego Incident Response Team and will assist colleagues in the analysis and response to cyber security incidents on Customer networks. In particular, you will contribute:

  • to the analysis and response to IT incidents on Customer networks
  • to study the threat landscape, in order to optimize the detection capabilities of the Certego PanOptikon platform
  • to the study of new detection techniques
  • to the creation of tools aimed at making the Incident Response Team operations more efficient
  • to the analysis and reporting of vulnerabilities exposed by Customer networks
  • to the development of the relationship with customers, through the generation of security reports and the presentation of the same.

What we expect from you

  • Bachelor's Degree in Engineering or Computer Science; alternatively, a high school diploma followed by specific experience or training in cyber security
  • Participation in courses specific to the role of Cyber Security Analyst or Penetration Tester will constitute a plus
  • Good knowledge and experience from 2 to 5 years in the following areas:
    • Linux operating system
    • basic networking (network protocols, ISO/OSI model)
    • basic scripting (e.g. Python, bash)
    • network and host IPS/IDS
    • vulnerabilities and attack techniques
  • Malware analysis skills will be a plus
  • Knowledge of spoken and written English (level B1 written, A2 spoken)
  • Relational and communicative skills
  • Ability to manage and organize your work independently
  • Predisposition to team work
  • Attitude to learning and constant desire to develop new skills

What we offer

Training:

  • Technical training: on reference technologies through certifications and participation in courses and events
  • Training on the job: coached by more experienced colleagues
  • Soft skills: we think professionalism is not only a matter of technical skills, so you will be trained on transversal skills (e.g. time management, team working, etc.)

Work environment:

  • Young
  • Innovative
  • Close-knit
  • Collaborative

Placement and remuneration will be commensurate with your skills and potential.

This is a fully remote, worldwide position; working hours are in the UTC-7 zone (North America/Pacific).