Malware Analyst
5 months ago
**About Us**
We are a global cyber security company providing solutions for enterprises since 2002 to identify, detect, and remediate advanced security threats from data and devices coming into and out of their networks. Trusted by over 1,000 organizations worldwide for this secure data flow, we prevent advanced security threats across multiple channels of file transfer and data flow with flexible deployment options for our solutions, API-based development, and threat intelligence platforms.
With over 30 anti-malware engines, 100+ data sanitization engines and more than 25 technology integration partners, we are a pioneer and leader in data sanitization (Content Disarm and Reconstruction), vulnerability detection, multi-scanning, device compliance, and cloud access control.
**The Position**
We are looking for a hands-on malware analyst to join our growing R&D team in Spain.
**What You Will Be Doing**
- Vetting YARA rules and building new threat indicators (Python based rule-set), which will directly impact the verdict of our products
- Building Python based integrations with other threat intelligence and SOAR platforms
- Analyzing interesting samples (malicious binaries, portable executables, scripts, documents, and packet captures) through reverse engineering to the point where you can determine whether they are malicious
- Conducting deep-dive technical analysis of malicious artifacts/events to identify, assess, and document cyber-attack tools, tactics, and procedures, including malware defense mechanisms such as anti-reverse-engineering, anti-debugging, and anti-virtual-machine (anti-analysis) techniques
- Analyzing modern malware based on public reporting or your own research
- Classifying malware based on its behaviors, commonalities, and families
**What We Need From You**
- You are passionate about developing customized technical solution sets to monitor and analyze several different malware families and develop products to mitigate threats including Advanced Persistent Threats (APT) and zero-day attacks
- Strong understanding of the cyber threat ecosystem including targets, actors, and the TTPs they use to distribute malware
- Ability to use static and dynamic methods to analyze a file, mainly with a user-mode debugger, a disassembler, and other tools
- Knowledge of security and compliance frameworks including MITRE ATT&CK
- Deep knowledge in operating system APIs and internals (Windows and Linux)
- Python experience is welcome (you should have scripting experience)
- Experience with common malware techniques: injection, packing, obfuscation, etc.
- Familiarity with ICS/IoT threats and security is an advantage
- Familiarity with Agile / Scrum working environment, and tools like Bitbucket, Jira, Confluence, TeamCity is a plus
**Why You’ll Love Working Here**
- Above-market compensation and benefits package
- Home Office Set Up allowance
- Stable, growing international company background with an exceptional customer group
- Opportunity to improve your professional skills
- The newest technology environment
Application Question(s):
- Do you have experience in building integrations with SOAR platforms for a sandbox environment?
- Have you developed any custom tools or scripts in Python?
Work Location: Remote