Malware Researcher / Reverse Engineer III - AWS, GuardDuty
US, TX, Virtual Location - Texas
Amazon.com
Job summary
Members of the AWS GuardDuty team build customer-facing services that are designed to protect millions of customers around the globe. This is an advanced engineering team that is using cutting edge techniques to help customers assess, monitor and protect their cloud-based resources.
This position will be working on Amazon GuardDuty, which is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help customers protect their AWS accounts and workloads. It monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. GuardDuty also detects potentially compromised instances or reconnaissance by attackers. (https://aws.amazon.com/guardduty/)
Key job responsibilities
* Research the latest malware detection evasion techniques, such as use of customized packers and anti-virus (AV) software bypassing. Based on research, you will design and develop signatures and tools to detect and mitigate those threats.
* Work with data scientists to help develop and test detections for attack patterns.
* Build tools and systems to analyze emerging threats.
* Work with customers in response to requests related to suspicious files or false positives that may require reverse engineering.
* Advise broader team on current threat landscape, tools & techniques.
* Influence others while demonstrating significant creativity.
A day in the life
As a Cyber Threat Intelligence Security Engineer, you will reverse engineer and analyze malware to evaluate complex malicious code to determine malware capabilities and purposes. The scope of this role includes researching attack patterns, building attack simulations, active testing of defense strategies, and mentoring data scientists and software engineers. You will interact with many internal security teams to keep up to date with the latest attack techniques.
Basic Qualifications
* BS or MS in Computer Science, Math, or some other quantitative discipline
* 5+ years of experience with malware analysis, reverse engineering
* 5+ years of experience building automated tools in a modern programming language
* 3+ years of hands-on experience in the area of low-level software engineering, like C/C++ or Rust.
Preferred Qualifications
* MS in Computer Science or Computer Engineering or related quantitative discipline
* Data-driven and quantitative mentality. Always backs up ideas with facts.
* Experience with virtualization technologies and familiarity with AWS services
* Strong knowledge of Linux tools and architecture
* Familiarity with reverse engineering tools such as IDA Pro, Ghidra, WinDbg or OllyDbg
* Knowledge of modern exploitation techniques and methods for remaining stealthy
* Strong communication skills
* Desire and energy to work in a fast-paced environment
* Meeting/exceeding Amazon’s leadership principles requirements for this role
* Meeting/exceeding Amazon’s functional/technical depth and complexity for this role
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Tags: APIs AWS C C++ Cloud Computer Science Ghidra Linux Malware OllyDbg Reverse engineering Rust Threat detection Threat intelligence
Regions:
Remote/Anywhere
North America
Country:
United States
Categories:
CloudSec Jobs
Research Jobs
Security Engineering Jobs