What makes the role special

We conduct in-depth research into malware and publicly present complex findings. As experts, we participate in IR, speak at conferences, and are active in mass media. Our reports are used by thousands of people all over the world.

We’d like you to join our global team. It doesn’t matter where you’re based. You can work remotely from any country, or you can work at any of our offices.

Tasks to solve

  • Researching the activity of different groups, from state-sponsored APT to financial cybercrime groups.
  • Handling requests from clients in the META region, including:
    • Research into malicious software such as Trojans, scripts, exploits, etc.
    • Restoring the kill chain
    • Creating rules for clients
  • Improving the company’s products:
  • Researching malicious tools and providing recommendations to the company’s departments
  • Creating various scripts to automate hunting/detecting/etc. processes
  • Automating research, potentially by creating unique tools and improving existing tools
  • Writing articles for publication and presentations for speeches to be subsequently delivered at various events
  • Researching malware, primarily on the x86, x86-64 and ARM architectures, and on these OSes: Windows (including .NET)
  • Researching other malicious tools including scripts, documents, and emails
  • Researching various exploits
  • Creating rules for detecting and hunting malicious tools: YARA, Suricata, unique company script languages, etc.
  • Analytical work while researching various malicious tools and attacker infrastructure in order to attribute samples to groups/attacks, find patterns in various malicious objects, and create hunting rules
  • Preparing reports, including on the results and findings from the above tasks
  • Preparing articles for publication, presentations, and public speeches

This role is perfect for you if

  • 3 years of experience in reverse engineering and malware analysis
  • Knowledge of RE tools: IDA Pro, BinaryNinja, Ghidra, x64dbg, Immunity Debugger, OllyDbg, WinDbg.
  • Understanding of how to create scripts for automated analysis
  • Knowledge of traffic analysis tools
  • Basic knowledge of how to work with various script languages
  • Good knowledge of Python
  • Knowledge of common binary formats
  • Knowledge of common network protocols
  • General knowledge of vulnerability exploitation
  • Knowledge of common cryptographic algorithms
  • Basic knowledge of the cyber threat industry
  • Good knowledge of technical language and an ability to write technical reports
  • Knowledge of techniques used by cyber criminals and malware authors
  • English B2+