Listing Description
Specific Objectives and Responsibilities
• Collect, research, and develop solutions to address primarily Windows OS-specific threats
• Write detection rules in YARA and proprietary languages to grow internal rulesets
• Research and develop scripts to parse malware configurations
• Write, review, and organize technical content for publication into the H3Collective Threat Blog
• Serve as a contact to intercept and research threats found by incident response teams
Skills & Experience
• 2+ years’ experience in malware reverse engineering or equivalent experience
• Experience with application development in the C/C++ and Python languages
• Experience in writing YARA rules
• Understanding of Windows Internals:
- Windows Registry
- PE Format
- Processes/Threads/DLLs
- Windows Memory Model
- Virtualization
- Hooking/Injection mechanisms
- Usermode/Kernel mode internal structures (plus how to interpret)
• Experience using a debugger, e.g. WinDBG, OllyDBG, for dynamic analysis
• Experience using IDA Pro/Ghidra or other disassembler for static analysis of x86/x64 binaries
Desired Skills & Experience
• Experience developing security software
• Crypto: Encrypt/Decrypt, Hashing, Digital Signature/Verification
• Experience with databases, e.g. MongoDB, MySQL
• Agile Development Process experience
• Linux operating systems
• Cuckoo Sandbox
Listing Details
- Citizenship: US Citizen
- Incentives: Bonus
- Education: No Requirements
- Travel: No Travel
- Telework: Optional Telecommute