Job Description

FireEye Threat Intelligence is a proactive, forward-looking means of qualifying threats poised to disrupt your business based on the intents, tools, and tactics of the attacker. Our high-fidelity, comprehensive intelligence delivers visibility beyond the typical attack lifecycle, adding context and priority to global threats before, during, and after an attack. 

Interns in this position will perform malware analysis or other related technical analysis tasks in support of FireEye Threat Intelligence. 

RESPONSIBILITIES

• Track malware, malicious campaigns, or actors through technical analysis of data, malicious codes, exploits, and infrastructure. 
• Perform reverse engineering and behavioral analysis of malicious codes and related artifacts.
• Assist in writing reports documenting findings that intelligence customers can use to better understand malicious activity and how to defend themselves.

Qualifications

Qualifications

Candidates are not expected to have all the necessary skills, knowledge, and experience coming in, but are generally able to demonstrate a solid understanding of one or more of the basic capabilities required to perform malware analysis and related technical analysis functions. Interns will be receiving informal on-the-job training to provide specific subject matter expertise, but successful candidates will also need to demonstrate their ability to proactively learn designated subject matter and roles relatively easily. Internship candidates will be asked to perform a simple evaluation task during the candidate selection process to assess their capability. 

Beneficial experience, skills, and knowledge could include the following: 

• Ability to demonstrate a basic understanding of malware analysis or reverse engineering concepts and related tool sets: 
  • Network sniffers 
  • Process analysis tools 
  • Registry analysis tools 
  • File analysis tools 
  • Memory analysis tools 
  • Disassemblers and Debuggers

   

• Understanding of how computers and their underlying systems work (e.g. authentication mechanisms, file systems, common forensic artifacts, encryption, encoding, obfuscation, etc.) 
• Understanding of common strategies actors have taken to compromise and attack computing systems 
• Understanding of network traffic and fundamental networking/communication protocols such as BGP, DNS, HTTP, TLS/SSL, SMTP, etc.
• Awareness of currently-prominent cyber threats, malware, and computer exploitation tactics

ADDITIONAL QUALIFICATIONS: 

• Previous experience or knowledge of cybersecurity concepts, including the cyber threat landscape, common tactics, techniques, and procedures (TTPs), and threat actor/group tracking 
• Understanding of one or more of the following: C/C++, PHP, Perl, Python, JavaScript, Ruby, SQL, Assembly, etc.
• Ability to demonstrate comprehensive, practical knowledge of research and collection skills as well as analytic methods 
• Ability to assess and analyze information from various sources to develop actionable intelligence 
• Strong writing skills with ability to communicate clearly and efficiently 
• Strong interpersonal skills and ability to collaborate in a team environment

Additional Information All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.