Compensation: $125K - $135K / Year
Minimum Education: None
Job Type: Full Time
*100% Remote-Work From Home
*Strong Malware and Reverse Engineering Experience required.
*Ann Arbor, MI or Austin, TX preferred-Full Remote OK.
Salary: $125K-$135K + Bonus
My client's Security Engineering and Response Team (SERT) is an elite malware research, security development, and operational response team that delivers threat intelligence and solution innovation to the company's industry-leading DDoS and advanced threat products.
The SERT is seeking to expand its security research team with a highly qualified research analyst who has reverse engineering and development skills as well as a desire to focus on DDoS malware and IoT-based botnets for the world's foremost DDoS mitigation provider.
As a member of this elite squad, you will leverage, and contribute to, SERT’s exceptional malware processing and sensor infrastructure to uncover emerging threats and attack campaigns, infiltrate and monitor botnets, design novel honeypots, evolve analysis methods, and develop threat intelligence that will protect our customers.
This is a highly rewarding and intellectually-stimulating position that offers significant potential for professional growth.
Successful applicants will have the opportunity to substantively contribute to the state of the art in malware processing, botnet monitoring, threat intelligence, and network security - working side-by-side with some of the most innovative and well-known security practitioners in the Internet and large enterprise networking spaces.
Leverage SERT’s internet-scale malware processing and sensor infrastructure to identify coverage gaps and emerging threats with a focus on DDoS malware and IoT-based bots
Perform in-depth analysis of DDoS and IoT-based malware to identify capabilities, threat potential, emerging trends, and interrelationships with other malware.
Correlate malware, sensor, and attack data to draw conclusions regarding attack campaigns and capacities.
Develop custom code based on malware analysis to create interactive honeypots, enhance sensor capabilities, infiltrate botnets, extract indicators, collect malware samples, and source a high-fidelity threat feed.
Specify mitigation strategies to defend against DDoS attacks and malware propagation.
Participate in real-time mitigation and information sharing efforts.
Produce rapid-response threat advisories as well as blog posts related to research findings.
Rapidly perform any of the above activities in high-pressure situations in response to global, large-scale Internet outages.
Present research internally and at conferences.
Identify and implement new technologies and methods for identifying and tracking DDoS and IoT-based botnets.
Serve as a subject matter expert for prestige media inquiries regarding high-profile attacks.
Cultivate relationships with other security researchers, trust groups, and trusted partners.
*Demonstrable experience with relevant reverse engineering tools (e.g. IDA Pro).
*Experience reversing Linux-based malware.
*Experience reversing ARM-based malware.
*Working knowledge of the ELF file format.
*Machine-level understanding of C/C++ constructs.
*Deep understanding of Linux and familiarity with at least one other non-desktop OS (e.g. Android, iOS).
*Experience dissecting the behavior of IoT devices running embedded Linux.
*Experience deconstructing command and control protocols.
*Experience building interactive honeypots to uncover malware and adversary activity.
*Demonstrable experience using Python for automation purposes.
*Able to perform layer 3/4 network traffic analysis as well as HTTP/DNS traffic analysis.
*Working-level understanding of DDoS attack vectors and mitigation strategies.
*Above average communication skills with referenceable publications as primary author.
*2+ years performing some level of malware analysis.
*Current position involves performing malware analysis at least 25% of the time.
Experience performing static analysis of firmware.
Experience with Type 1 Hypervisors.
Experience with cross-device networking technologies and infection methods (WiFi/WiFi Direct, Bluetooth/Bluetooth Mesh, Zigbee, NFC, Z-Wave, LPWAN, HaLow, RFID).
Experience with DOCSIS and TR-069.
Thorough understanding of IPv6 and TLS.
Experience assessing IoT device security for home automation, healthcare, energy, autonomous connected vehicles or industrial control systems.
Experience with embedded solution platforms such as from Atmel, Freescale/NXP, TI, Broadcom, Intel.
Experience reversing malware for additional ISAs (e.g. x86/x64, MIPS).
Machine-level understanding of additional high-level languages (C#, VB, Go, Delphi, .NET, Java).
Working knowledge of file formats such as PE, PDF, SWF, etc.
Knowledge of packers and obfuscation techniques.
Proven experience defeating established anti-analysis techniques.
Experience applying data science approaches to the malware analysis problem space.
Derivation of campaign-level activity through the correlation of technical malware analysis artifacts and broader intelligence gathering.
Understanding of basic cryptographic concepts and common cryptographic algorithms.
Operational experience in the Service Provider Network space.
Established relationships with computer industry contacts or trust groups.
Incident response and/or forensic experience in a large-scale enterprise environment.
Arthur L Crume
ALC Staffing Associates
509 N Vermilion
Danville, IL 61832