Malware Analyst/Reverse Engineer (Detection Research)
Ironnet Cybersecurity Inc
Fulton, MD
Job Description
The Detection Research Team is responsible for delivering products that will improve the detection capabilities of IronDefense and inform internal teams, customers, and the public about threats in the current landscape. A detection researcher focuses on researching malware with the end goal of providing detection-focused information to other members of the product team, customers, and the security community.
Responsibilities
- Research malware families and variants to distill common characteristics and behaviors
- Perform static code analysis and dynamic analysis with a focus on extracting identifiable behaviors that can be used to inform analytic development efforts
- Analyze malware obtained from internal and external sources to extract identifiable behaviors and inform analytic development efforts
- Publish analysis reports to the internal teams, customers, and the public
- Develop signature- and heuristic-based detection rules to support behavioral and outlier analytics
- Perform exploratory threat hunting based on findings from vulnerability and malware research
Requirements
- Have a solid understanding of malware across different operating systems
- Have a solid understanding of dynamic/static analysis of malware
- Be proficient with debuggers and disassemblers
- Understand network protocols and common ways they are employed in attacks
- Be proficient with one or more scripting language(s) to automate common tasks and write tools
- Hands-on programming/scripting experience and the ability and willingness to learn new languages as needed
- Ability to document, present, and publish findings
- Can work independently
- 3+ years of malware analysis experience
- 3+ years of programming experience
Desirable Qualifications
- 5+ years of malware analysis experience
- 5+ years of programming experience
- Experience analyzing common malware delivery mechanisms
- Experience analyzing obfuscated code
- Experience building and maintaining analysis and sandbox environments
OR