Team Cymru is the leader in Internet Threat Intelligence. Team Cymru Pure Signal™ – our unique and global insight – empowers an amazing team of analysts to develop industry leading intelligence that is critical to the success of our clients' cyber security efforts.
Team Cymru is an ardent supporter of the Threat Intelligence community. In addition to enabling industry collaboration through exclusive conferences, team members actively participate in working groups, attend industry events, and collaborate with the community.
JOB DESCRIPTION
Team Cymru analysts make a difference every day, leading in the battle against those intent on harming others. We are passionate about our mission, and we are looking for additional teammates who share in that passion. Do you have a strong background in analytic trade-craft, deductive reasoning, and critical thinking? Would you like to have access to our industry leading threat intelligence? Are you a proven teammate, mentor, and technical leader? Would you like to join the battle and make a difference in the world? If so, opportunity knocks.
Team Cymru analysts work on research and reporting pertaining to our clients’ security, empowering our clients to effectively and efficiently complete their mission. Additionally, our analysts undertake research into other threats, and work closely with our technology teams in the development of our world class analytical tools suite, data analytics systems, and analysis automation, as well as adding to the body of knowledge of those threats. As a Malware Analyst, you will apply reverse engineering skills in order to thoroughly understand malicious code threats of interest to Team Cymru and our clients. A successful analyst will use these insights in order to track malware threats and the actors behind those threats. In addition, the analyst will collaborate with other team members to track threat actors and enrich our threat intelligence data sets.
PRIMARY RESPONSIBILITIES
- Reverse engineer malicious code to determine functionality
- Build tools to assist in analyzing and tracking malicious code families
- Track, analyze, and report on botnets
- Evaluate tools, methodologies, and best practices to effectively understand the tactics, techniques, and procedures (TTPs) utilized by threat actors
- Compose tailored and actionable threat intelligence reports based on tasking
- Investigate and present operational and strategic intelligence about threats
- Identify and maintain indicators of compromise (IOCs)
- Maintain knowledge of the malware threat landscape by monitoring open and closed intelligence sources
- Maintain detailed threat actor profiles on APT adversaries of interest/relevance to the mission, covering tactics, techniques, procedures, intent, goals, and strategic objectives
- Develop and test YARA and Suricata signatures
- Engage strategically with closed forums and user communities
REQUIREMENTS:
- 3+ years of experience in reverse engineering binary executables, or 5+ years of experience with digital forensics, incident response, or related field, with significant focus on malware analysis
- Strong oral and written communication skills, with a proven ability to produce client-facing intelligence reports
- Ability to work effectively in a remote distributed team environment
- Confident personality, comfortable with unknown future tasking or ambiguity, and able to shift focus to higher-priority, breaking work without concern
- Deep working knowledge of IP networking and services (DNS, HTTP/HTTPS, VPNs, and routing protocols)
- Foundational knowledge of operating system concepts
- The capability to develop analytical and proof-of-concept tools in a popular programming language (Go, Python and Perl familiarity preferred)
HIGHLY DESIRABLE SKILLS:
- Expertise working with data sets such as X.509 certificates, Passive DNS, and NetFlow
- Proficient Python scripting skills; familiarity with Jupyter Notebooks
- Experience working with MISP
- Experience using Volatility for memory analysis
- Experience with analytic visualization tools (e.g. Maltego, Analyst Notebook)
- Experience presenting in front of clients and audiences
- Strong knowledge of multiple operating systems (Can you install, configure, and maintain Windows? OS X? Linux? *BSD? Other?)
- Experience building, configuring, customizing and/or maintaining Cuckoo or similar sandbox environments
Our culture is fast-paced, team-oriented, and mission-focused. Our culture is geared towards the intellectually curious self-starter, with ample opportunities to explore, research, and develop new and unique solutions. Work location is flexible, with many of our teammates working remotely from home at all times.