Listing Description
Job Description
Are you passionate about vulnerability and exploit analysis?
Do you have strong programming skills?
Are you experienced in malware analysis or reverse engineering?
Do you want to collaborate with an exceptional industry-leading team?
Then the FLARE Offensive Task Force (OTF) is looking for you!
As a vulnerability engineer working within FLARE’s OTF you will dissect attacker tools and backdoors in support of incident responders, acting as the subject matter expert on analyzing exploits discovered within malware. You will develop innovative tools to aid in the automation of vulnerability discovery, malware analysis, and reverse engineering efforts. Additionally, you will participate in our growing public presence: vulnerability disclosures, FireEye blogs, conference presentations, and the FLARE-ON Challenge.
Note that this position can be supported from any of the following office locations: Reston, VA; New York, NY; Denver, CO; or remotely for well-qualified candidates.
What You Will Do:
- Research and analyze offensive cyber capabilities
- Perform white box analysis on internal and external code
- Analyze executables and malicious files (exploits and malware)
- Collaborate with an experienced team of industry-leading analysts and researchers
- Develop novel solutions to challenges facing incident responders and malware analysts
- Support the company’s research and development efforts
Qualifications
Minimum requirements:
- Understanding of software exploits
- Ability to analyze disassembly of x86 and x64 binaries
- Experience writing and analyzing shellcode
- Strong programming skills
- Experience developing applications in C, C++, and Python
- Experienced with the following, their underlying causes, and existing mitigations:
- Stack Overflows
- Heap Overflows
- Integer Overflows
- Use After Free
- Type Confusion
- Knowledgeable in the use of:
- IDA Pro disassembler
- Virtual Machines
- User- and kernel-mode debuggers
- Common binary file formats
- Dynamic analysis tools
- Network analysis tools
- Ability to reverse engineer binaries of various types including:
- C/C++
- Delphi
- .NET
- Flash
- Compiled VBScript
- Ability to analyze packed and obfuscated code
- Capable of Python scripting to automate analysis tasks
- Experience developing scripts to decode obfuscated data and network communications
- Thorough understanding of network protocols
- Capable of identifying host and network-based indicators
- Experience mitigating anti-reverse engineering techniques
Desired Qualifications:
- BS or MS in Computer Science or Computer Engineering preferred
- Proficiency in Web Security Vulnerabilities and Exploitation preferred
Additional InformationAs a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire. At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. Minimum Salary: 85,900.00. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations. Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from Mandiant’s Compensation Committee, and vesting terms. Benefits: Whether you are just starting your career, reaching a milestone, or gearing up for retirement, we offer plans and programs to keep you happy and healthy at any stage of life. We regularly evaluate our options to make sure they’ve got everything you need. Part of what makes Mandiant great is our diverse team, and we’ve made it our priority to provide benefits that support you on your individual journey at work and at home. Mandiant subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, Mandiant also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. Mandiant also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute