Role: Malware Researcher
Location: M4 Corridor
CND are partnering with a global leader in online threat research who are looking for a talented individual to join the team focussing on high-profile cyber security investigations. As part of a Special Investigations Unit, the successful candidate will use their experience in Malware Analysis and reverse engineering to investigate botnets, APTs and protect critical systems.
Our client is breaking down threats at the forefront of cyber security and requires an expert who is technically exceptional and can also report and write white papers for a wider public audience. By examining and investigating malicious threats, the Special Investigations Unit is actively making cyber space a safer place for all.
- Researching and reporting on how specific attacks have been performed
- Reverse-engineering Malware in order to understand how and why an attack has occurred
- Developing and refining effective signatures and Indicators of Compromise based upon evidence
- Deep technical analysis of attacks in order to produce reports on the tools, tactics and procedures
- Working as a crucial member of a Special Investigations team and liaising with colleagues throughout the business
- Whitepaper and blog writing for internal and external readers
- Responding to requests for information from within the business
- Malware Reverse Engineering expertise
- Fluent in programming languages (e.g. C/C++)
- Disassemblers, de-compilers and debuggers such as IDA Pro, OllyDbg, WinDbg and Immunity
- Static, dynamic and behavioural malware analysis
- Cryptography exposure
- Network traffic capture and analysis tools (e.g. Wireshark, tcpdump, pcap files, ZAP or Burp Suite)
- IOC detection techniques (cryptographic checksums, IDS rule definitions, regular expressions and blacklisting)
- Microsoft Windows operating system internals (e.g. kernel, registry, file system, Windows APIs and Windows IPC mechanisms)
- Experience using the Linux operating system highly desirable
- Processor architectures such as x86, x64 and ARM
- Obfuscation and de-obfuscation techniques
- Risk and threat assessment techniques including kill chain analysis
To apply please send a CV and covering letter outlining your suitability, salary requirements and availability.
In line with Asylum & Immigration Legislation, all applicants must be eligible to live and work in the EU. Documented evidence of eligibility will be required from candidates as part of the recruitment process. Furthermore, in view of the nature of the work, all potential employees will undergo stringent reference and identity checks.
CND Limited is acting as an Employment Agency in relation to this vacancy.