Malware Analyst

OPPORTUNITY OVERVIEWZeroFox seeks a Malware Analyst to identify, analyze and mitigate malicious software threats affecting the Public Services Sector (PSS). We are looking for someone to apply their technical knowledge of malware families, associated vulnerabilities, etc, to the research of threat actors. 

Role and responsibilities

• Research malware utilized by threat actors to identify indicators of compromise (IOC), conduct attribution analysis, and assess potential impacts to clients
• Analyze malware and malware-related reporting to assess attribution, TTP, and other pertinent information in line with client information requirements
• Perform research on malware utilized by threat actor groups and provide input to written reports
• Identify IOC and utilize proprietary ZeroFox tools to catalog and assess associated vulnerabilities in networks of interest
• Research malware families and TTP in use by threat actor groups to identify and analyze trends in support of finished intelligence products

Required qualifications and skills

• Experience conducting malware analysis and research, typically obtained in 5+ years
• Background in malware analysis and knowledge of applicable tools and techniques
• General familiarity with threat actor groups and tactics, techniques, and procedures (TTP), such as ransomware gangs, advanced persistent threat groups, cyber crime groups, etc.
• Capable of conveying research and analysis in written formats 
• Comfort working in a small team environment with flexibility to engage in multiple processes
• Ability to utilize common malware analysis tools
• Meaningful experience using any combination of the following tool categories: Network Analysis, Suspicious File Analysis/Sandboxing, Reverse Engineering, Programming / Scripting
• Ability to apply malware analysis and research to threat actor activities and articulate findings in written / verbal formats

Desired qualifications and skills

• GIAC Reverse Engineer Malware (GREM) or Certified Ethical Hacker (CEH) or CISSP Certification
• Experience tracking threat actor groups
• Cybersecurity degree with emphasis on Information Assurance or Network Engineering (or equivalent experience)
• Experience working with US government organizations
• High degree of comfort operating on a small team 

Benefits

• Competitive compensation
• Community-driven culture with employee events
• Generous time off 
• Comprehensive health benefits & 401(k) plan
• Respectful and nourishing work environment, where every opinion is heard and everyone is encouraged to be an active part of the organizational culture

Interested?

• Ready to apply? Visit us at https://www.zerofox.com/careers to find out more and join the best team in the security industry.
• Not ready to apply? Email careers_at_zerofox_dot_com to speak with a member of the team!

Other Information

• This position will report to the Lead, Principal Analyst
• This position may entail up to 5 % travel
• This role will be based out of our office in Savannah, GA (hybrid)
• This role requires occasional work on nights and weekends as needed.

ABOUT ZEROFOXZeroFox’s mission is clear: we protect customers - their data, their assets and their people - across the internet. Through AI-powered technology, global intelligence collection and services provided by a team of expert analysts and threat hunters, we give customers the protection and intelligence needed to disrupt a new era of attacks on the surface, deep and dark web. Now is a great time to join the Fox Den: with $150M+ in funding to date, recognition from Forrester as best-in-class in brand intelligence and numerous awards and honors, joining the ZeroFox team means joining a culture that is committed to excellence and growth. That means committing to the success of each of our employees so you can be the best version of yourself on the best team. If you’re ready to join a team that is mission-oriented, customer-focused, collaborative and dedicated, you’ve come to the right place.
Equal Opportunity, Diversity & InclusionWe aim to build a team that represents a variety of backgrounds, perspectives, and skills. We embrace inclusion and ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, military or veteran status, or any other personal characteristic.