Malware Researcher / Reverse Engineer III - AWS, GuardDuty
US, TX, Virtual Location - Texas
Job summary
Members of the AWS GuardDuty team build customer-facing services that are designed to protect millions of customers around the globe. This is an advanced engineering team that is using cutting edge techniques to help customers assess, monitor and protect their cloud-based resources.
This position will be working on Amazon GuardDuty, which is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help customers protect their AWS accounts and workloads. It monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. GuardDuty also detects potentially compromised instances or reconnaissance by attackers. (https://aws.amazon.com/guardduty/)
Key job responsibilities
* Research the latest malware detection evasion techniques, such as use of customized packers and anti-virus (AV) software bypassing. Based on research, you will design and develop signatures and tools to detect and mitigate those threats.
* Work with data scientists to help develop and test detections for attack patterns.
* Build tools and systems to analyze emerging threats.
* Work with customers in response to requests related to suspicious files or false positives that may require reverse engineering.
* Advise broader team on current threat landscape, tools & techniques.
* Influence others while demonstrating significant creativity.
A day in the life
As a Cyber Threat Intelligence Security Engineer, you will reverse engineer and analyze complex malicious code to determine malware capabilities and purposes. The scope of this role includes researching attack patterns, building attack simulations, active testing of defense strategies, and mentoring data scientists and software engineers. You will interact with many internal security teams to keep up to date with the latest attack techniques.
Basic Qualifications
* BS or MS in Computer Science, Math, or some other quantitative discipline
* 5+ years of experience with malware analysis, reverse engineering
* 5+ years of experience building automated tools in a modern programming language
* 3+ years of hands-on experience in the area of low-level software engineering, like C/C++ or Rust.
Preferred Qualifications
* MS in Computer Science or Computer Engineering or related quantitative discipline
* Data-driven and quantitative mentality. Always backs up ideas with facts.
* Experience with virtualization technologies and familiarity with AWS services
* Strong knowledge of Linux tools and architecture
* Familiarity with reverse engineering tools such as IDA Pro, Ghidra, WinDbg or OllyDbg
* Knowledge of modern exploitation techniques and methods for remaining stealthy
* Strong communication skills
* Desire and energy to work in a fast-paced environment
* Meeting/exceeding Amazon’s leadership principles requirements for this role
* Meeting/exceeding Amazon’s functional/technical depth and complexity for this role
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Job regions:
Remote/Anywhere
North America
Job country:
United States