Skyhigh Security
Location
Bangalore | India
Job description
Responsibilities :
You will process incoming malware analysis and detection requests from customers, our first level Research team, and other teams within Trellix.
You will proactively add detection for prevalent threats, and author proactive detection to provide enhanced protection.
You will perform static and dynamic analysis of malware, including - infection, propagation, lateral movement, exploitation POCs, etc
You will extract malicious patterns from malware and author effective detection and repair signatures and test them before being utilized by our Trellix endpoint protection product.
You will participate in the incident response process on an as needed basis and prepare analysis of the incident, remediation instructions, and assist customers.
Using your coding skills, you will help develop automation framework for malware analysis and efficiency improvements.
You will propose and create innovative solutions for problems that our customers are facing.
You will share your most exciting research findings through blogs and internal presentations.
You will work closely with colleagues in the same and other time zones, and attend a daily handover to the next region.
You may be required to support on-call work during holidays and weekends as part of a team rotation.
Qualifications :
You must have 5+ years of experience in a Malware Researcher role
You must have experience with Python, C/C++, or other similar programming languages.
You must have experience in reverse engineering, and proficiency in debugger usage (OllyDbg, IDA pro).
You must understand file formats for Windows (PE), Linux (ELF), or macOS (APP, PKG)
You must have knowledge of OS internals (memory, threads, processes, API, etc) on Windows, Linux, or macOS
You must have awareness of global threats, regional threats, and top adversaries / criminal groups focusing on malware including affiliate networks pertaining to Windows OSes.
You must have experience with various malware analysis tools.
You should have excellent problem-solving skills, be a fast learner, and be self-motivated to take on initiatives with a focus on achieving results in a timely manner.
You should have a proven ability to translate insights into business recommendations.
Ability to positively adapt to changes and multitasking in a fast-moving industry
Additional Qualifications :
Knowledge of networking protocols and experience with network traffic analysis tools (Wireshark, Fiddler).
Knowledge of exploitation concepts such as Shellcode, Heap Spray, ROP, etc
Experience working for Endpoint Protection (AV) operations and SOC environments is a plus
Experience with sandbox-based detection technologies
Company Benefits and Perks:
Job tags
Salary