You want to come in at the ground floor to help us build out our malware analysis solution. You can identify gaps in infrastructure and skillset and can take charge of building out a strong platform from which OPSWAT can build products protecting its customers.
You are passionate about developing customized technical solution sets to monitor and analyze several different malware families and create products to mitigate threats including Advanced Persistent Threats (APT) and zero day attacks.
You possess subject matter expertise in threat detection, host and network forensics, computer intrusion, theft of information, denial of service, and incident response. You have a thorough working understanding of the security industry and are driven to stay abreast of the latest threats and threat actors as they are discovered.
What You Will Be Doing
Conduct deep dive technical analysis of malicious artifacts / events to identify, assess, and document cyber-attack tools, tactics, and procedures including malware defense mechanisms such as anti-reverse, anti-debug, and anti-virtual machine.
Lead efforts to develop and extract IOCs from malicious binaries, executables, scripts, documents, and packet captures; use the resulting data to inform efforts to create detection logic.
Create signatures (file, host, network) to detect, hunt, and prevent compromise from known and unknown malware families.
Create tooling / intelligence products to understand malware and incorporate the learnings into our customer facing products.
Identify credible new tools and subject matter resources relative to current and emerging malware analysis techniques.
Implement both tactical and strategic solutions to improve the detection capabilities of our malware analysis products.
What We Need From You
Strong understanding of the cyber threat ecosystem including targets, actors, and the TTPs they use to distribute malware.
3+ years' experience in threat research, virus exploitation and containment, incident response and mitigation techniques.
3+ years utilizing multiple reverse engineering tools and techniques to perform malware and intrusion analysis, host and network forensics, and threat intelligence collection.
Ability to apply a thorough knowledge of attacker capabilities, intentions, motives, and historical operations / targets to inform cybersecurity strategies quickly, clearly and effectively.
Experience analyzing a wide variety of suspicious files, reviewing automated sandbox reports, and reviewing network packet captures.
Ability to use static and dynamic methods to analyze a file using a (user and kernel mode) debugger, disassembler, and other tools in a Virtual Machine (VM).
Knowledge of security and compliance frameworks including MITRE ATT&CK.
A resourceful can-do attitude with strong organizational skills that enables you to define and meet deadlines with minimal oversight.
It Would Be Nice If You Had
Familiarity with ICS / IIoT threats and security.
Experience creating and running a malware analysis lab, a threat response team, or similar.
Experience analyzing malware in a sandbox environment.