MXDR Malware Analyst

Group-IB is a partner of INTERPOL, Europol, and a cybersecurity solutions provider, recommended by SWIFT and OSCE. Such partnerships give us advantages in our everyday duties.

We make a deep research of malware and public presentation of complex research. We participate in IR and perform as experts at conferences and in mass media. Our reports are used by thousands of people all over the world.

And we invite you to our global team!

• Research malicious files, conduct reverse engineering, and develop methods and approaches for detecting malicious files based on their behavior
• Emulate attacker actions in a virtual environment to test and improve detection capabilities
• Implement detection logic within an existing framework (using Python, Rust, Yara, Sigma, Suricata)
• Independently identify problematic cases, evasion techniques for dynamic analysis systems, and solutions to these issues.
• Analyze detection logic for false positives and minimize such occurrences
• Conduct analysis of similar solutions to compare system behavior in different scenarios
• Test detection logic rules for functionality and performance

• Have experience with IDA Pro, ring-3 debuggers, sandboxes, and other static and dynamic analysis tools
• x86 and x64 assembly knowledge
• Understand Windows architecture, WinAPI, and the PE file format
• Have a good understanding of PDF and MS-CFB formats
• Can analyze obfuscated code written in scripting languages
• Know how to set up a virtual machine for malware analysis
• Have experience in Python
• Have a keen interest in diverse tasks and the ability to quickly learn new things
• Possess persistence and the ability to see complex tasks through to completion

• Experience in exploit analysis (Flash, PDF, DOCX, etc.)
• Experience in network traffic analysis
• Penetration testing experience
• Knowledge of Rust