We are looking for a Threat Researcher to join our Threat Research team to identify cyber threats, dissect code, and reverse engineer malware. You will operate semi-autonomously to conduct research and produce concise, written analysis and visual presentation of findings. This person will also work with our clients to provide innovative detection and eradication solutions to reduce risk to client’s networks and operations. In addition to technical expertise, to be successful in this role we’re looking for passionate self-starters who can quickly understand and deliver on company and customer requirements.

What you will do:  

• Examine malicious software to identify new techniques and exploit targets on behalf of client intelligence needs
• Performing Threat Hunting exercises from the telemetry
• Document attack capabilities, understand its propagation characteristics and define signatures for detection
• Operate semi-autonomously to conduct collection, create solutions and support intelligence production per the standard operating procedures
• Analyze malware to determine its attack techniques and targets  
• Write sigma rules for the identified malware

Requirements:

• Bachelors or Masters in Computer Science or comparable field required.
• Experience in the threat research field with a focus on malware analysis.  
  
  
• A proven background in advanced reverse engineering on file-based threats, exploits, and other attack techniques are desirable to be demonstrated at a moderate skill level.
• Experience using the Pyramid of Pain in conjunction with MITRE’s ATT&CK Framework to develop threat hunting hypothesis.
• Understanding of Advanced Persistent Threat (APT) and associated tactics, targeted attacks.
• Strong familiarity with mitigation strategies such as Suricata, Snort and YARA signatures
• To operate at the level required to disassemble, core principles of structured programming are required to be proficient in.  
• Expert level familiarity with at least one major Operating System is required as a behavior- based system requires in-depth knowledge of how the host OS appears, as opposed to how the end-user sees it.  
• A good working knowledge of malware-based automation workflows and techniques.
• Possess any basic programming and scripting skills (e.g. .NET, Perl, Java, or Python)