Careers

Malware Reverse Engineer

Job Description

You want your work to make an impact, in terms of helping people and the broader industry. You have wide-ranging experience in analyzing attacker tools and malware samples to support investigations involving criminal and nation-state actors.

You are looking for a job opportunity where you can:

  • Expose the use of unknown vulnerabilities, tools, and tactics by advanced threat groups.
  • Help protect NGOs, activists, dissidents, human rights defenders, and other highly targeted groups.
  • Defend elections and the democratic process.
  • Contribute to open source software.
  • Be part of an industry-leading threat intelligence & incident response team.
  • Have flexible work hours and a remote-friendly environment.

Responsibilities

As a Malware Reverse Engineer, your responsibilities include:

  • Carry out static and dynamic analysis of malware samples and attacker tools.
  • Reverse engineer malware samples in order to determine capabilities and functionality.
  • Work with experienced analysts and researchers.
  • Develop custom analysis tools and detection methods.
  • Prepare customer-facing briefings and reports that relate actionable data and analysis results.

Qualifications

  • Five (5) or more years of relevant work experience
  • Experience with in-depth malware analysis and reverse engineering
  • Experience with digital forensics and incident response best practices
  • Skill in analyzing disassembly of x86 and x64 binaries
  • Demonstrable familiarity with the use of:
    • IDA Pro and/or Ghidra
    • User and kernel-mode debuggers (WinDBG, x64dbg, Immunity Debugger)
    • Dynamic analysis tools (sandbox platforms, API hooking tools, code flow analysis tools)
    • Network analysis tools (Wireshark, tcpdump)
    • Memory analysis tools (Volatility)
  • Experience analyzing packed and obfuscated code
  • Ability to develop tools or scripts to automate:
    • Decryption of malware network communications
    • Decryption of files dropped by or related to the malware sample
    • Unpacking malware samples
    • Patching of malware samples
    • Deobfuscation of malware samples and related files
  • Experience analyzing malicious documents (MS Office, PDF, RTF)
  • Experience analyzing malicious JavaScript, PowerShell, VBScript, etc.
  • Experience circumventing anti-reverse engineering techniques
  • Knowledge of the latest malware trends and threat groups
  • Thorough understanding of operating system internals (Windows, macOS, and Linux) and common network protocols
  • Experience writing detection rules and signatures (YARA, Snort)
  • Ability to rapidly scope an analysis when a consumer of that analysis requires rapid responses to specific questions

Additional Qualifications

  • Strong technical, verbal and written communication skills
  • Ability to work both independently and on team projects
  • Knowledge of programming and scripting languages (Python, C, C++, C#)
  • Passion for understanding APT and criminal intrusions
  • Experience analyzing malware infections on mobile platforms
  • Ability to demonstrate effective time management skills
  • US Worker, exceptions considered on a case-by-case basis
