Senior Malware Researcher
Cambridge, Massachusetts, United States
Applications have closed
ReversingLabs
Software Supply Chain Security, Threat Intelligence, and Threat Analysis Solutions
At ReversingLabs, our application security and threat intelligence solutions have become essential to advancing cybersecurity around the globe. We're now on a journey to expand adoption and accelerate growth, funded by our recent Series B investment, to hire top talent across the security industry.
This is a game-changing opportunity. We know every application threatens businesses with new supply chain risks. ReversingLabs is the only company that can dissect any binary at the speed, scale and explainability needed to protect the enterprise end-to-end.
Our vision is clear: arming every company with the insight to ensure every piece of software built or bought is secure and can be trusted, and that every threat is detected. We are seeking extraordinary talent to help forge this transformational journey at ReversingLabs.
As the Senior DevOps Engineer, you will be based in the United States (Boston-area or remote) and provide Kubernetes subject matter expertise for our AWS, Azure and Google Cloud deployments, including monitoring and production support for the Kubernetes clusters.
What you will do
- Analyze and reverse-engineer the behavior of malware using both static and dynamic tools and techniques.
- Provide subject matter expertise in the detection, analysis and mitigation of malware, trends in malware development and capabilities, and proficiency with malware analysis capabilities.
- Support the maintenance of malware analysis platforms and tool sets, identify requirements for new malware analysis capabilities, and contribute to the development of new malware analysis tools and techniques.
- Produce reports detailing the attributes and functionality of malware, including indicators that can be used for malware identification/detection, the relationship between a given sample and other known samples/families, and notable features that indicate the origin or sophistication of the malware and its authors.
- Recommend countermeasures to malware and other malicious code and applications that exploit customer communication systems.
- Track spam campaigns to produce intelligence, including extracting indicators and TTPs.
- Monitor the cyber-crime landscape to identify new malware families as well as changes to existing malware families.
- Hunt different threats, including malicious documents, scripts and executables.
- Write and update the YARA rule repository to improve hunting capabilities.
- Produce high-quality technical reports/blogs on cyber-crime activities.
- Perform static and dynamic analysis of threats.
- Research new methods to improve malware analysis procedures/systems.
- Collaborate with threat intel analysts to help prioritize detection capabilities and provide raw intel for further analysis and reporting.
- Stay up to date on malware families and modify existing rules as necessary.
- Document attack capabilities, understand their propagation characteristics, and define signatures for detection.
- Operate semi-autonomously to conduct collection, create solutions and support intelligence production per the standard operating procedures, with minimal guidance from your supervisors.
Requirements
- Malware operations experience
- Understanding of threat detection
- Knowledge of research/collection skills and analytical methods
- General understanding of threat/risk management and threat/risk assessment
- Experience in a security operations center or similar environment responding to incidents
- Familiarity with tools used in cyber-intrusions
- 5+ years' experience conducting dynamic and static analysis of malicious software
- Experience using disassemblers, decompilers and debuggers
- Experience analyzing malicious documents and obfuscated scripts
- Experience unpacking samples and reconstructing code logic
- Experience analyzing shellcodes
- Understanding of Windows OS internals
- Experience writing YARA rules
- Familiarity with MITRE ATT&CK
- Strong knowledge of cyber-crime malware families and groups
- Familiarity with the most common and most exploited CVEs
- Excellent writing skills
- Willingness to present at top tier security conferences
- Familiarity with underground forums
- Capable of automating tasks with Python scripting
- Familiarity with host-based operating system APIs
- Ability to apply confidence and severity scoring to heuristic detections
- Threat Hunting and incident response experience
- Ability to work independently with little support
- Strong analytical and problem-solving skills
- Self-motivated to improve knowledge and skills
- Ability to work and collaborate in a remote team
- Customer enabled and focused
- Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent experience
- Experience refining source information and raw data into intelligence products
- Knowledge of malware packers, obfuscation techniques, and exploit kits
- Deep understanding of operating systems internals and the Windows API
Benefits
- Competitive salary (base & bonus)
- Health, vision, dental, disability, life insurance, 401k
- Commuter reimbursement
- Challenging projects in a dynamic, collaborative team
- Great career advancement opportunities; ReversingLabs encourages internal promotion
ReversingLabs was founded in 2009 with the mission to offer the ultimate threat detection solutions. Our security products are used by some of the largest organizations in the world, including 2 of the top 3 banks, 4 of the top 6 software companies, and 2 of the top 6 insurance companies. We have been honored with numerous awards including the 2021 SC Media Trust Award for Best Threat Intelligence Technology, a 2021 Top Black Unicorn Award, a 2020 Stevie Award, and the 2017 JPMorgan Chase Hall of Innovation Award for our truly unique malware and explainable threat intelligence products. Our pioneering technologies, exceptional products, and successful customer deployments also drove investments in ReversingLabs by some of the savviest investors in the world. With offices in the United States and Croatia, ReversingLabs is poised to achieve rapid growth and deliver groundbreaking innovation in 2021.