- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute
Are you passionate about vulnerability and exploit analysis?
Do you have strong programming skills?
Are you experienced in malware analysis and/or reverse engineering?
Do you want to collaborate with an exceptional industry-leading team?
Then the FLARE Offensive Task Force (OTF) is looking for you!
As a vulnerability engineer working within FLARE’s OTF you will dissect attacker tools and backdoors in support of incident responders, acting as the subject matter expert on analyzing exploits discovered within malware. You will develop innovative tools to aid in the automation of vulnerability discovery, malware analysis, and reverse engineering efforts. Additionally, you will participate in our growing public presence: vulnerability disclosures, FireEye blogs, conference presentations, and the FLARE-ON Challenge.
What You Will Do:
- Research and analyze offensive cyber capabilities
- Perform white box analysis on internal and external code
- Analyze executables and malicious files (exploits and malware)
- Collaborate with an experienced team of industry-leading analysts and researchers
- Develop novel solutions to challenges facing incident responders and malware analysts
- Support the company’s research and development efforts
- Understanding of software exploits
- Ability to analyze disassembly of x86 and x64 binaries
- Experience writing and analyzing shellcode
- Strong programming skills
- Experience developing applications in C, C++, and Python
- Experienced with the following, their underlying causes, and existing mitigations:
- Stack Overflows
- Heap Overflows
- Integer Overflows
- Use After Free
- Type Confusion
- Knowledgeable in the use of:
- IDA Pro disassembler
- User- and kernel-mode debuggers
- Common binary file formats
- Dynamic analysis tools
- Network analysis tools
- Ability to reverse engineer binaries of various types including:
- Compiled VBScript
- Ability to analyze packed and obfuscated code
- Capable of Python scripting to automate analysis tasks
- Experience developing scripts to decode obfuscated data and network communications
- Thorough understanding of network protocols and common binary file formats
- Capable of identifying host and network-based indicators
- Experience mitigating anti-reverse engineering techniques
At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
Minimum Salary: $140,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.
Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from Mandiant’s Compensation Committee, and vesting terms
Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, Mandiant also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. Mandiant also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.
*Disclosure as required by sb19-085 (8-5-20)