Senior Malware Researcher

Cambridge, Massachusetts, United States

ReversingLabs

Software Supply Chain Security, Threat Intelligence, and Threat Analysis Solutions to


At ReversingLabs, our application security and threat intelligence solutions have become essential to advance Cybersecurity around the globe. We're now on a journey to expand adoption and accelerate growth, funded by our recent Series B investment, to hire top talent across the security industry.

This is a game changing opportunity. We know every application threatens businesses with new supply chain risks. ReversingLabs is the only company that can dissect any binary at the speed, scale and explainability to protect the enterprise end-to-end.

Our vision is clear. Arming every company with the insight to ensure every piece of software built or bought is secure and can be trusted, and that every threat is detected. We are seeking extraordinary talent to help forge this transformational journey at ReversingLabs.

You as the Senior DevOps Engineer will be based in the United States (Boston-area or remote) to provide Kubernetes matter expertise for our AWS, Azure and Google Cloud deployments by providing monitoring and production support for the Kubernetes clusters.

What you will do

  • Analyze and/or reverse-engineer the behavior of malware using both static and dynamic tools and techniques.
  • Provide subject matter expertise in the detection, analysis and mitigation of malware, trends in malware development and capabilities, and proficiency with malware analysis capabilities.
  • Support the maintenance of malware analysis platforms and tool sets, identify requirements for new malware analysis capabilities, and contribute to the development of new malware analysis tools and techniques.
  • Produce reports detailing attributes and functionality of malware, including indicators that can be used for malware identification/detection, the relationship between a given sample of malware and other known samples/families of malware, and notable features that indicate the origin or sophistication of the malware and its authors.
  • Recommend countermeasures to malware and other malicious code and applications that exploit customer communication systems.
  • Track spam campaigns to produce intelligence, including extracting indicators and TTPs.
  • Monitor the cyber-crime landscape to identify new malware families as well as changes to existing malware families.
  • Hunt different threats, including malicious documents, scripts and executables.
  • Write and update the YARA repository to improve hunting capabilities.
  • Produce high-quality technical reports/blogs on cyber-crime activities.
  • Perform static and dynamic analysis of threats.
  • Research new methods to improve malware analysis procedures/systems.
  • Collaborate with threat intel analysts to help prioritize detection capabilities and provide raw intel for further analysis and reporting.
  • Stay up to date on malware families and modify existing rules as necessary.
  • Document attack capabilities, understand their propagation characteristics, and define signatures for detection.
  • Operate semi-autonomously to conduct collection, create solutions and support intelligence production per the standard operating procedures, with minimal guidance from your supervisors.

Requirements

  • Malware operations experience
  • Understanding of threat detection
  • Knowledge of research/collection skills and analytical methods
  • General understanding of threat/risk management and threat/risk assessment
  • Experience in a security operations center or similar environment responding to incidents
  • Familiarity with tools used in cyber-intrusions
  • 5+ years' experience conducting dynamic and static analysis of malicious software
    • Experience using disassemblers, decompilers and debuggers
    • Experience analyzing malicious documents and obfuscated scripts
    • Experience unpacking samples and reconstructing code logic
    • Experience analyzing shellcodes
    • Understanding of Windows OS internals
  • Experience writing YARA rules
  • Familiar with using MITRE ATT&CK
  • Have strong knowledge of cyber-crime malware families and groups
  • Familiar with most common and exploited CVEs
  • Excellent writing skills
  • Willingness to present at top tier security conferences
  • Familiar with underground forums
  • Capable of automating tasks with Python scripting
  • Familiarity with host-based operating system APIs
  • Ability to apply confidence and severity scoring to heuristic detections
  • Threat Hunting and incident response experience
  • Ability to work independently with little support
  • Strong analytical and problem-solving skills
  • Self-motivated to improve knowledge and skills
  • Ability to work and collaborate in a remote team
  • Customer enabled and focused
  • Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent experience
  • Experience refining source information and raw data into intelligence products
  • Knowledge of malware packers, obfuscation techniques, and exploit kits
  • Deep understanding of operating systems internals and the Windows API

Benefits

  • Competitive salary (base & bonus)
  • Health, vision, dental, disability, life insurance, 401k
  • Commuter reimbursement
  • Challenging projects in a dynamic, collaborative team
  • Great career advancement opportunities - ReversingLabs encourages internal promotion

ReversingLabs was founded in 2009 with the mission to offer the ultimate threat detection solutions. Our security products are used by some of the largest organizations in the world, including 2 of the top 3 banks, 4 of the top 6 software companies, and 2 of the top 6 insurance companies. We have been honored with numerous awards including the 2021 SC Media Trust Award for Best Threat Intelligence Technology, a 2021 Top Black Unicorn Award, a 2020 Stevie Award, and the 2017 JPMorgan Chase Hall of Innovation Award for our truly unique malware and explainable threat intelligence products. Our pioneering technologies, exceptional products, and successful customer deployments also drove investments in ReversingLabs by some of the savviest investors in the world. With offices in the United States and Croatia, ReversingLabs is poised to achieve rapid growth and deliver groundbreaking innovation in 2021.

Tags: APIs Application security AWS Azure Cloud Computer Science DevOps Exploit GCP Incident response Kubernetes Malware MITRE ATT&CK Monitoring Python Risk assessment Risk management Scripting Threat detection Threat intelligence TTPs Windows

Perks/benefits: Career development Competitive pay Conferences Health care Insurance Startup environment

Region: North America
Country: United States
Category: Research Jobs
