As a threat researcher you will work as part of the security research team to help monitor the activity of malware affecting people and organizations around the world. You will research malware, become familiar with how it works and use a wide range of tools and data sources to track its activity. The product of your work will be the maintenance and constant improvement of the world's largest malware infection tracking system. This is one of the biggest differentiators of BitSight, as its volume, accuracy and data quality allow for a unique capability when measuring security ratings.

 

We are looking for candidates who are able to research a threat with minimal supervision, use intelligence data to track interesting activity, develop tools and scripts to assist in tracking, and efficiently reverse engineer a binary when needed.

 


Key Responsibilities

  • Research available threat intel sources to validate automated system results and to identify malware families that were not automatically classified;
  • Create malware traffic detection signatures based on network communication patterns;
  • Perform malware analysis to understand behaviour and indicators of compromise;
  • Create malware tracking and detection tools and signatures (e.g. malware trackers/crawlers, YARA rules, parsers that extract relevant artifacts from dumped memory);
  • Carefully document decisions and observations made during research, and keep up-to-date documentation of the process being performed;
  • Reverse engineer binaries to support the threat research activity.



Skills and Requirements

  • BSc or MSc is desirable;
  • Take tasks and projects to completion, with a sense of ownership;
  • Strong sense of team collaboration as well as individual work ethic;
  • Ability to take on an investigation from start to finish with minimal guidance;
  • Able to document deep technical research into easily readable documentation;
  • Solid understanding of typical malware behaviours and features;
  • Good reverse engineering skills (e.g. able to manually unpack malware, deobfuscate strings and API calls);
  • Able to reverse Windows, Linux and Android malware;
  • Good programming skills (ideally in Python);
  • Ability to reimplement reversed network protocols, structures and algorithms in a higher-level language.



What we offer

  • Great company - BitSight pioneered the market and the Security Rating is becoming increasingly important worldwide as the standard;
  • Good work environment and perks;
  • Very knowledgeable and helpful team.
