This Role: We are looking for a technical threat researcher specializing in malware analysis for our Insikt (Research) Group, working alongside our highly skilled members and providing assistance in research of various cybercriminal and APT activities. Day-to-day responsibilities will include research leads-generation, analysis of malicious tools, infrastructure profiling, and writing high-quality intelligence assessments. Previous research experience is required. Relocation assistance will be considered for exceptional candidates.
Responsibilities to include:
- Reverse engineer malware, including APT tools and Crimeware
- Develop tools and methods to identify both commodity and custom malware using retro hunting and advanced detection techniques in common malware multi-scanner repositories as well as within Recorded Future's exclusive collection.
- Support other threat intelligence analysts to analyze malware associated with advanced threat actors to develop leads and insights into actor infrastructure, tooling, and targeting.
- Stay on top of developments within the malware landscape and track key developments by following publications, blogs, and mailing lists.
- Perform network analysis of malicious infrastructure.
- Develop network and host-based detection rules such as SNORT and YARA to detect APT or cybercriminal campaigns in line with Insikt research goals.
- Publish research on novel threats and research results.
- Experience with static and dynamic malware analysis on Windows binaries
- Experience with desktop and mobile malware analysis
- Knowledge of Windows operating system internals and the Windows API
- Knowledge of TCP/IP and other networking protocols
- Experience writing network signature detections
- Scripting experience in Python, Go, Powershell, or Bash
- Ability to convey complex technical and non-technical concepts in verbal products & excellent writing skills are mandatory
Highly Desirable Skills/Experience:
- BA/BS or MA/MS degree or equivalent experience in Computer Science, Information Security, or a related field.
- 7+ years of experience in static and dynamic malware analysis
- 7+ years of experience in network analysis tools
- Experience with multiple architectures a plus (x86, ARM, MIPS, etc)
- Experience in the deobfuscation of malware, analysis of packers, malware decryption techniques
- Experience managing small projects and processes
- Experience working and communicating directly with clients
Why should you join Recorded Future?
There’s a reason why over 90% of Fortune 100 Companies rely on us for their threat intelligence needs: our patented web intelligence engine has the ability to unlock insights that radically improve cyber threat visibility for our clients. Our dedication to empowering clients with intelligence to reduce risk has earned us a 4.7-star user rating from Gartner.
If you’re full of passion, ambition, and dedication you may be well on your way to becoming a Futurist. From over 35 nationalities, our Futurists are the perfect recipe of humility, accountability, and collaborative attitudes to put our team at the front line of securing the internet. If you want to be a part of this awesome team, apply today!
Want more info? Check out the links below for more from the Recorded Future team, special guests, and our partners.
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Instagram & Twitter: What’s happening at Recorded Future
Timeline: History of Recorded Future
Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.
Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.