Whom are we looking for? LIFARS is looking for a Senior Malware Analyst to join our global Cybersecurity and Digital Forensics & Incident Response department. We need a highly driven, motivated, creative, reliable, diligent, detail-oriented, and clever individual to join our team. We are in a competitive environment, and we need to “hack it” with innovative approaches. The desired candidate should have experience with cybersecurity, hands-on technical experience, theoretical understanding of forensic science, and be able to roll up their sleeves and work independently as needed.
*The ideal candidate will be located in either Prague, Czech Republic, or Bratislava, Slovakia.
About the role:
The primary responsibility of this role will be to analyze and evaluate malicious code, to create technical reports on indicators of compromise, and to recommend mitigation and detection actions. You will work to continually improve current malware analysis techniques and identify new ways to improve malware identification best practices. Knowledge of TTPs, IoCs, and malware persistence mechanisms is needed to support digital forensics investigations. You will conduct research and training on emerging malicious-code threats. The individual in this position will work very closely with technical project managers, incident responders, and the LIFARS CISO.
Conduct both dynamic and static analysis of suspicious code in order to establish malicious capability and determine potential impact.
Experience with host and network monitoring for analysis of malware execution & propagation methodologies.
Perform analysis on captured data, such as audit data, logs, and network traffic, to identify any intrusion-related artifacts.
Understanding of operating system-specific exploitation vectors, memory injection, and vulnerabilities in operating systems related to malware execution and persistence.
Analyze malicious code by employing tools, scripting languages, and leveraging virtual machines/environments.
Document the vulnerabilities and exploits used by malware in written reports.
Communicate written and verbal information in a timely, clear, and concise manner.
Generate technical summary of findings in accordance with established reporting procedures.
Develop and recommend mitigation strategies.
Develop signatures, techniques, and rules to identify malware vectors.
Collaborate with internal and external organizations to discover new threats, develop mitigation techniques, processes, and tools which further the CSSP mission, as directed by the customer.
Evaluate emerging threats.
Correlate data from multiple sources to identify probable threat actors.
Minimum of four years' experience with the technology and tools specific to the target platforms.
Demonstrated experience using commercial tools (IDA Pro, Hex-Rays, WinDbg, etc.) and open-source tools such as OllyDbg.
Understanding of behavior-based threat models such as the Cyber Kill Chain.
Familiarity with Linux OS and mobile iOS/Android forensics.
Demonstrated experience writing code (C, C++, Python, Perl, Java, PowerShell, assembly language, etc.).
Capable and comfortable communicating actionable threat intelligence to both technical and executive-level stakeholders.
Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques.
A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats.
Understanding of software engineering methodologies.
Ability to analyze shellcode, and packed and obfuscated code, and their associated algorithms.
Understanding of common attacker methodologies and exploit techniques.
Capable of Python scripting to automate analysis and reverse engineering tasks.
Strong understanding of network protocols and networking concepts.
Strong understanding of Windows Operating System Internals and Windows APIs.
Strong understanding of the PE file format and experience parsing structured or unstructured data.
Good interpersonal, problem-solving, organizational, writing, communication, and briefing skills, with strong initiative.
Experience using IDA Pro, debuggers, disassemblers, virtual machines, hex editors, unpackers, X-Ways, and open-source methods and tools to perform malware forensic investigations.
Ability to use hands to operate a computer and other office productivity machinery, such as a calculator, copy machine, and printer.
The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
Possess at least one relevant professional designation or related advanced IT certification, including but not limited to the following:
GIAC Reverse Engineering Malware (GREM)
GIAC Certified Incident Handler (GCIH)
GIAC Network Forensic Analyst (GNFA)
GIAC Intrusion Analyst (GCIA)
Benefits of working at LIFARS:
You will be joining a cutting-edge team and will be able to influence the architecture, design, and structure of our core platform. You will tackle extraordinary challenges and work with the very BEST in the industry.
Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
Paid cyber education courses and certifications (SANS, CompTIA, etc.)
Speaking opportunities at industry events and promotions
Participation in Company Unit Allocation Plan (equity)
Paid Company Holidays
Paid Sick Time
Gym membership reimbursement
Company paid travel to NYC office
Numerous company-sponsored events and team building.
LIFARS is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
To apply, send your resume and cover letter: Visit this page...