Malware Reverse Engineer
You want your work to make an impact, in terms of helping people and the broader industry. You have wide-ranging experience in analyzing attacker tools and malware samples to support investigations involving criminal and nation-state actors.
You are looking for a job opportunity where you can:
- Expose the use of unknown vulnerabilities, tools, and tactics by advanced threat groups.
- Help protect NGOs, activists, dissidents, human rights defenders, and other highly targeted groups.
- Defend elections and the democratic process.
- Contribute to open source software.
- Be part of an industry-leading threat intelligence & incident response team.
- Have flexible work hours and a remote friendly environment.
As a Malware Reverse Engineer, your responsibilities include:
- Carry out static and dynamic analysis of malware samples and attacker tools.
- Reverse engineer malware samples in order to determine capabilities and functionality.
- Work with experienced analysts and researchers.
- Develop custom analysis tools and detection methods.
- Prepare customer-facing briefings and reports that relate actionable data and analysis results.
- Five (5) or more years relevant work experience
- Experience with in-depth malware analysis and reverse engineering
- Experience with digital forensics and incident response best practices
- Skill in analyzing disassembly of x86 and x64 binaries
- Demonstrable familiarity in use of:
  - IDA Pro and/or Ghidra
  - User and kernel-mode debuggers (WinDBG, x64dbg, Immunity Debugger)
  - Dynamic analysis tools (sandbox platforms, API hooking tools, code flow analysis tools)
  - Network analysis tools (Wireshark, tcpdump)
  - Memory analysis tools (Volatility)
- Experience analyzing packed and obfuscated code
- Ability to develop tools or scripts to automate:
  - Decryption of malware network communications
  - Decryption of files dropped by or related to the malware sample
  - Unpacking malware samples
  - Patching of malware samples
  - Deobfuscation of malware samples and related files
- Experience analyzing malicious documents (MS Office, PDF, RTF)
- Experience circumventing anti-reverse engineering techniques
- Knowledge of the latest malware trends and threat groups
- Thorough understanding of operating system internals (Windows, macOS, and Linux) and common network protocols
- Experience writing detection rules and signatures (YARA, Snort)
- Ability to scope an analysis rapidly when an analysis consumer requires rapid responses to specific questions
- Strong technical, verbal and written communication skills
- Ability to work both independently and on team projects
- Knowledge of programming and scripting languages (Python, C, C++, C#)
- Passion for understanding APT and criminal intrusions
- Experience analyzing malware infections on mobile platforms
- Ability to demonstrate effective time management skills
- US Worker, exceptions considered on a case-by-case basis