Malware Reverser Engineer

Technical Requirements:

• Perform triage analysis of malware samples
• Provide malware family identification
• Write and tune signatures to identify and discover malware
• Monitor for new malware samples using subscription services
• Support Security Operations by providing timely reports of relevant malware indicators for intrusion detection

• Support forensic operations/endeavors
• Write signatures for endpoint detection/protection platforms (EDR/EPP)
• Create content in SIEM for host-based signature detection
• Monitor SIEM tool for host-based signature detection; tune and escalate
• Write custom scripts to deobfuscate, decode and automate analysis process
• Produce accurate, high-quality, evidence-based reports and presentations
• Working understanding of the Lockheed Martin Cyber Kill Chain®
• Incident Response
• Intrusion Analysis
• Forensic Analysis

Please contact us about this job from here, referring to the Job Title.

Typical Education & Experience
Typically a Bachelor’s Degree and 8 years of work experience, or equivalent experience

Required Skills and Education

Typical Education and Experience:
• 6+ years of work experience preferred
• GIAC Reverse Engineering Malware [GREM] (or equivalent)
• Experience with x64dbg, Ollydbg, and/or IDA Pro
• Experience with setting up a malware analysis lab (VMs, tools, etc.)
• Experience working on a reverse engineering team or a security ops center

Required Skills:

• Malware Reverse Engineering, Disassembly, and Debugging
• Ability to perform both Behavioral/Dynamic and Static malware analysis
• Proficiency with open-source malware analysis tools
• Extensive experience with Windows operating system internals
• Experience analyzing PE files and comfort working with various file types such as macros, .NET, Delphi, and C/C++-based programs
• Ability to review and interpret host-based alerting
• Experience with Endpoint Detection & Response (EDR) products
• Experience with Endpoint Protection Platform (EPP) products
• Malware classification/detection with Yara

Preferred Skills and Education

• Experience with ELF file format and Linux OS internals
• Experience with analyzing both commodity and nation-state malware
• Familiar with malware families (e.g. PoisonIvy, Gh0st RAT)
• GREM/GCFE/GCFA (or equivalent)
• Python/Perl/PowerShell Scripting
• Ability to read and interpret PCAP
• Endpoint Protection experience