Senior Malware Researcher
Cambridge, Massachusetts, United States
ReversingLabs offers explainable machine learning delivering the threat intelligence humans need to verify local threats and automate SOC processes.
At ReversingLabs, our application security and threat intelligence solutions have become essential to advance Cybersecurity around the globe. We're now on a journey to expand adoption and accelerate growth, funded by our recent Series B investment, to hire top talent across the security industry.
This is a game changing opportunity. We know every application threatens businesses with new supply chain risks. ReversingLabs is the only company that can dissect any binary at the speed, scale and explainability to protect the enterprise end-to-end.
Our vision is clear. Arming every company with the insight to ensure every piece of software built or bought is secure and can be trusted, and that every threat is detected. We are seeking extraordinary talent to help forge this transformational journey at ReversingLabs.
As the Senior Malware Researcher you will be based in the United States (Boston-area or remote).
What you will do
- Analyze and reverse-engineer the behavior of malware using static and dynamic tools and techniques.
- Provide subject matter expertise in the detection, analysis and mitigation of malware, and in trends in malware development and capabilities.
- Support the maintenance of malware analysis platforms and tool sets, identify requirements for new malware analysis capabilities, and contribute to the development of new malware analysis tools and techniques.
- Produce reports detailing the attributes and functionality of malware, including indicators that can be used for identification and detection, the relationship between a given sample and other known samples or families, and notable features that indicate the origin or sophistication of the malware and its authors.
- Recommend countermeasures to malware and other malicious code and applications that exploit customer communication systems.
- Track spam campaigns to produce intelligence, including extracting indicators and TTPs.
- Monitor the cyber-crime landscape to identify new malware families as well as changes to existing families.
- Hunt for threats, including malicious documents, scripts and executables.
- Write and update the YARA rule repository to improve hunting capabilities.
- Produce high-quality technical reports and blog posts on cyber-crime activities.
- Perform static and dynamic analysis of threats.
- Research new methods to improve malware analysis procedures and systems.
- Collaborate with threat intel analysts to help prioritize detection capabilities and provide raw intel for further analysis and reporting.
- Stay up to date on malware families and modify existing rules as necessary.
- Document attack capabilities, understand their propagation characteristics, and define signatures for detection.
- Operate semi-autonomously to conduct collection, create solutions and support intelligence production per the standard operating procedures, with minimal guidance from your supervisors.
What we are looking for
- Malware operations experience
- Understanding of threat detection
- Knowledge of research/collection skills and analytical methods
- General understanding of threat/risk management and threat/risk assessment
- Experience in a security operations center or similar environment responding to incidents
- Familiarity with tools used in cyber-intrusions
- 5+ years' experience conducting dynamic and static analysis of malicious software
- Experience using disassemblers, decompilers and debuggers
- Experience analyzing malicious documents and obfuscated scripts
- Experience unpacking samples and reconstructing code logic
- Experience analyzing shellcodes
- Understanding of Windows OS internals
- Experience writing YARA rules
- Familiar with using MITRE ATT&CK
- Have strong knowledge of cyber-crime malware families and groups
- Familiar with most common and exploited CVEs
- Excellent writing skills
- Willingness to present at top tier security conferences
- Familiar with underground forums
- Capable of automating tasks with Python scripting
- Familiarity with host-based operating system APIs
- Ability to apply confidence and severity scoring to heuristic detections
- Threat Hunting and incident response experience
- Ability to work independently with little support
- Strong analytical and problem-solving skills
- Self-motivated to improve knowledge and skills
- Ability to work and collaborate in a remote team
- Customer enabled and focused
- Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent experience
- Experience refining source information and raw data into intelligence products
- Knowledge of malware packers, obfuscation techniques, and exploit kits
- Deep understanding of operating systems internals and the Windows API
What we offer
- Competitive salary (base & bonus)
- Health, vision, dental, disability, life insurance, 401k
- Commuter reimbursement
- Challenging projects in a dynamic, collaborative team
- Great career advancement opportunities - ReversingLabs encourages internal promotion
ReversingLabs was founded in 2009 with the mission to offer the ultimate threat detection solutions. Our security products are used by some of the largest organizations in the world, including 2 of the top 3 banks, 4 of the top 6 software companies, and 2 of the top 6 insurance companies. We have been honored with numerous awards including the 2021 SC Media Trust Award for Best Threat Intelligence Technology, a 2021 Top Black Unicorn Award, a 2020 Stevie Award, and the 2017 JPMorgan Chase Hall of Innovation Award for our truly unique malware and explainable threat intelligence products. Our pioneering technologies, exceptional products, and successful customer deployments also drove investments in ReversingLabs by some of the savviest investors in the world. With offices in the United States and Croatia, ReversingLabs is poised to achieve rapid growth and deliver groundbreaking innovation in 2021.