As the Security Researcher, Malware Analysis, you will help broaden and strengthen our dynamic analysis platform. The ideal candidate has a keen interest in security, understands the tactics and techniques used by malicious actors, and stays current with the threat landscape.
You will be working with a small but focused team that runs our dynamic analysis platform. The platform consists of homegrown, open source, and third-party solutions. We work with Windows, Linux, and macOS, and we expect you to have expertise in at least one of these operating systems. The platform supports the automated dynamic analysis of 100,000 malicious files per day, and we are always fine-tuning it to be more effective and efficient. Data from this system is consumed by malware analysts, incident responders, and threat hunters, so you must be able to think like a defender and separate the signal from the noise.
Your role on the team will be to improve our malware detection, classification, and signal extraction capabilities. By researching novel malware, you will help ensure the platform stays current and is equipped to handle the latest threats. You will also investigate vulnerabilities and past threats to identify how we can extract insightful intelligence about threat actors and the malicious tools they use.
This role requires the ability to do independent research and to proactively bring suggestions and improvements to the table. You should know how to handle malware safely and how to build an analysis environment that does not put you, company employees, or company resources at risk. You should be able to provision systems and deploy virtual machines with little to no assistance.
Triage and analyze malware samples to improve detection capabilities and signal extraction. Write Python/Lua scripts to interact with and enhance existing tools. Create and maintain automated analysis environments. Research sandbox evasion techniques and implement anti-evasion controls. Measure the quality and efficacy of internal and external solutions. Evaluate open source and third-party tools for possible integration into the platform. Evaluate existing and prepare new detection methods (such as YARA rules).
US Located Required: Yes
Schedule: Full time