Sr Security Researcher
AreteArete is transforming the way businesses and governments manage cyber risk through proven incident response, tech-enabled managed services, and powerful data insights.
The Sr. Security Researcher is a self-starting and motivated analyst on Arete’s Cyber Threat Intelligence team. This position is primarily focused on performing countermeasure development, threat hunting and profiling, malware analysis, analyzing threats, and tracking known adversaries and emerging threats. The role will contribute to the research and publication of threat insights, internal work products, as well as intelligence products to be used by Arete’s customers and stakeholders. A successful analyst has an advanced technical skill set and thrives on learning the technical aspects of the tactics, techniques, and procedures leveraged by threat actors, developing solutions to challenging problems. Work may occasionally include afterhours intelligence support during major engagements.
ROLES & RESPONSIBILITIES
Develop countermeasures, tools, and methods of detection to be used for threat hunting and incident response activities.
Threat hunting in Endpoint Detection & Response (EDR) telemetry data.
Perform malware analysis.
Identify cyber threats, trends, and new malware families and threat actor groups by analyzing Arete’s case reports, MDR & SOC escalations, sandbox submissions, raw and open-source intelligence.
Identify and report on the current and changing Tactics, Techniques, and Procedures (TTPs) used by cyber threat actors.
Create finished intelligence analysis for internal and external customers through written reporting, blogs, and industry insights to help reinforce Arete as a thought leader in cyber threat intelligence.
Inform various business units within Arete about new threat actor TTPs.
Create compelling internal reports and presentations from analysis results.
Uncover adversary activity not detected by current detection mechanisms.
Identify intelligence and technology gaps.
Contributes to the development and enhancement of threat intelligence tools, technologies, and processes to improve automation, data analysis, intelligence sharing, and service offerings.
Provide tactical intel and analysis support for MDR, DFIR, and SOC business units.
Create detailed process documentation of analysis workflows to help maintain and update our Standard Operating Procedures for continuous process improvement.
Coach and mentor junior analysts and interns.
May perform other duties as assigned by management.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties and skills required personnel so classified.
SKILLS AND KNOWLEDGE
Motivated and self-starter with a passion for countermeasure development, malware analysis and cyber threat intelligence.
Ability to produce high-quality finished work products within short deadlines.
Knowledge of how malware is developed, functions, and is employed by cybercrime threat actors.
Ability to work remotely under a minimal supervision environment maintaining high quality analytical production and excellent relationship with stakeholders.
Desire to extend knowledge of threat actor TTPs.
Understanding of the tools and techniques used by cybercrime threat actors.
Ability to analyze various file types such as: C/C++, .NET, Visual Basic scripts, Java scripts, Powershell scripts, Malicious documents, Webshells, Shellcode, packed and obfuscated code.
Different Crimeware, Ransomware, Bots, Commodity, and Nation-State malware families.
Vulnerability exploitation and detection.
Various open-source and commercial malware analysis tools and Sandbox systems.
Network traffic analysis, Memory analysis and Log analysis.
Encoding and encryption algorithms.
Anti-analysis techniques and patching code to bypass checks.
Disassemblers and debuggers.
Working in a fast-paced environment with Digital Forensics and Incident Responders.
Master’s degree in Cybersecurity, Engineering, Computer Science, Information Assurance, or related field with a minimum of 5 years of experience related to the job role. Or, Bachelor’s degree with a minimum of 7 years of experience related to the job role.
Experience writing Yara rules and regular expressions.
Working with ransomware and ransomware precursors, and identifying key indicators of compromise.
Experience profiling threats, preferably cybercrime threats like ransomware and ransomware precursors.
Experience with EDR technology, threat hunting, automated malware analysis sandbox systems, and countermeasure development (e.g., SentinelOne).
While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodation may be made to enable people with disabilities to perform the essential functions of this job.
No physical exertion required.
Travel within or outside of the state.
Light work: Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force as frequently as needed to move objects.
TERMS OF EMPLOYMENT
Salary and benefits shall be paid consistent with Arete salary and benefit policy.
FLSA OVERTIME CATEGORY
Job is exempt from the overtime provisions of the Fair Labor Standards Act.
Arete Incident Response is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry.
When you join Arete…
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we’re about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.
Equal Employment Opportunity
We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Remote - Ontario Remote - Ontario Full TimeSenior Senior-levelUSD 52K - 98K * USD 52K+ *
Senior Software Developer - Full Stack (Security Research Services Development)Agile APIs Artificial Intelligence AWS Cloud Full stack +15
401(k) matching Career development Equity Flex vacation Health care +6
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Security Operations Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Principal Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Specialist jobs
- Open Chief Information Security Officer jobs
- Open Ingénieur DevSecops H/F jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Infosec Risk Manager jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open C-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open DevOps-related jobs
- Open CISA-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open EDR-related jobs