דרושים » אבטחת מידע וסייבר » Malware Researcher (5661)

Requirements:
At least 5 of overall experience in the cyber security research domain.
In-depth knowledge of Windows operating system Internals
At least 3 years of experience in Windows internals, both user and kernel and research experience.
At least 2 years of programming experience in C/C++ (win32 API) in Windows
At least 2 years experience with reverse engineering - both static and dynamic as well as assembly.
Experience with anti-RE techniques such as anti-debug, anti-vm, unpacking, etc.
Strong knowledge of the cyber threat landscape, including APTs (Advanced Persistent Threats) and modern malware techniques.
Experience with debuggers such as windbg, x64dbg, ollydbg
Experience with disassemblers such as IDA Pro
Proficiency in Python
Hands-on experience with Git
Knowledge of networking and internet protocols.
A major advantage to candidates with at least 2 years of experience in at least one of the following: EDR/XDR products, Windows kernel development, Low-level security solution development, Windows exploitation, and vulnerability research.
Excellent problem-solving skills, with a passion for innovation in cybersecurity.
Ability to work independently and as a part of a team
Strong attention to detail
Ability to take initiative
The ability to work under pressure with strict deadlines, and to prioritize projects
a sense of humor.

Requirements:
BSc + MSc in Computer Science
In-depth knowledge and background in general networking and protocols (TCP/IP, DNS, SSL, HTTP, DHCP, Routing protocols, etc.) - must
Strong understanding of common threat scenarios and attack techniques (Malware infection, C&C communication, Drive-by attacks, Phishing, Network scans) - must
Excellent written communication and verbal skills - publishing research in the past.
Proficiency with at least one programming language such as Python, or Java - must
Passion for analytics and attack vectors investigation using big data platforms - NoSQL and relational DBs (MongoDB, Elasticsearch, MySQL, AWS Athena)
Experience with big data frameworks (Spark) - an advantage
Hands-on experience with analysis tools such as Wireshark, Metasploit, Nessus, Snort, Scapy
Advantage: Malware analysis and machine forensics: experience with analysis tools such as volatility, Yara, Windbg, or similar tools
Excellent English and communication skills
Team player, responsible, and well-organized.

Requirements:
We are looking for an experienced Malware Research Director to build and manage multiple teams dedicated to malware research and review. Great opportunity to establish a new operation from the ground up, including recruiting top talent, creating processes, and setting up cross-team collaboration while serving as the primary client interface. The position is primarily leadership and client-facing, requiring exceptional team-building and operational setup skills. The ideal candidate demonstrates proven experience in building teams from scratch, establishing new operations, and strong client relationship management capabilities. Responsibilities:
Build and recruit multiple teams of malware researchers from scratch
Establish operational processes, workflows, and quality standards for the new teams
Coordinate with other departments to integrate the new operation into the existing infrastructure
Serve as primary client interface, managing relationships and ensuring client satisfaction
Present research findings and malicious evidence to clients and stakeholders
Create training programs and onboarding processes for new team members
Develop performance metrics and evaluation frameworks for team effectiveness
Lead client meetings, requirement discussions, and project planning sessions
Collaborate with sales and business development teams on client engagements Requirements:
Proven experience managing at least 10 employees
Proven track record of setting up new teams or operations from the ground up
Strong client-facing experience with excellent presentation and communication skills
At least 3 years of proven experience in one of the following: malware research, reverse engineering, penetration testing, software development
Understanding of malware research principles and the cybersecurity landscape
Experience managing client relationships and delivering technical solutions to business stakeholders

Requirements:
Malware research experience in all of the following languages:
Python 3+ years
Node.JS 3+ years
Advantage Native code (C, C++), C#, Java, Go
Programming experience in Python
Experience in a managerial role
Experience in writing technical reports
Advantage Experience in binary reverse engineering
Advantage DevOps experience.

Requirements:
3+ years of professional experience in cybersecurity research, threat intelligence, or a related field.
Deep understanding of cybersecurity threats and attack techniques involving SaaS, cloud, or web technologies.
Hands-on experience with threat intelligence, network research, penetration testing, Identity and Access Management or Systems research
Proficiency in programming/scripting languages such as Python
Strong analytical and problem-solving skills with a passion for research and innovation.
Ability to communicate complex technical findings clearly to both technical and non-technical audiences.
Experience working in a fast-paced, dynamic environment.
Bachelors or Masters degree in Computer Science, Information Security, or a related field (or equivalent experience).
Relevant certifications (e.g., OSCP, CEH, GXPN) are an advantage.
Bonus Points:
Familiarity with security frameworks and compliance standards.
Contributions to the security research community (e.g., published CVEs, conference talks, open-source tools).

Requirements:
5+ years of experience in security research, reverse engineering, or exploit mitigation.
Strong understanding of Windows internals and kernel security.
Expertise in reverse engineering (IDA Pro, Ghidra, WinDbg, x64dbg, etc.).
Proficiency in C/C++ programming for security-related projects.
Familiarity with authentication protocols such as NTLM, Kerberos, OAuth, SAML.
Experience developing or maintaining open-source security tools.
Strong analytical and problem-solving skills in a research-driven environment.

Requirements:
A background of at least 5 years in defensive and/or offensive Cyber Security:
Red Teaming / Penetration Testing or Malware analysis experience
Blue Teaming / Threat Hunting experience
Solid understanding of various enterprise technologies, such as:
OS internals, EDR
Active Directory, Office 365
Cloud technologies such as AWS, Microsoft Azure and GCP
Network protocols and security products
Identity & SSO products such as Okta, Auth0 and OneLogin
Kubernetes
Experience with Python, SQL or similar data analysis capabilities
Proficient in English (both written and spoken)

Requirements:
Desired Qualifications
Bachelor's degree in Computer Science, Cybersecurity, or equivalent experience.
3+ years of experience in security engineering, appsec, or penetration testing.
Expertise in security frameworks (NIST, ISO 27001, CIS Controls) or similar.
Experience with software composition analysis (SCA), SBOM generation, and open-source license compliance.
Experience with Nessus, Qualys or similar, DAST, and SAST tools.
Familiarity with cloud security (AWS, Azure, GCP).
Certifications such as CISSP, CEH, OSCP, or CISM are a plus.
Nice To Have Skills
OWASP Top 10 and web application security expertise.
Proficiency in Python, Bash or other languages for automation and familiarity with Linux OS
Experience securing CI/CD pipelines and DevSecOps practices.
Knowledge of container security (Docker, Kubernetes).
Understanding of IAM, Zero Trust, and compliance (GDPR, HIPAA, PCI-DSS).
Familiarity with SOC operations and incident response.
Strong communication skills for cross-team collaboration.
Background in forensics, red team, malware analysis, or reverse engineering.

Requirements:
Minimum of 10 years of professional experience in security research and/or development-oriented positions
Ability to conduct in-depth and independent technical research in OS internals and security, focusing on areas where public knowledge may be limited. This research is aimed at enhancing product capabilities and security modules, all within strict deadlines and considering technical constraints of the product.
In-depth knowledge of some operating system internals is a must - Knowledge of Linux is an advantage
Development experience in C/C++/Rust is a must, 5 years at least
Experience in reverse engineering - both static and dynamic, and security research is a must - 5 years at least
Development knowledge in some scripting languages is a must - Experience with Python is an advantage
Exploitation experience is an advantage (either application-level security or memory corruption)
Experience with Kubernetes and cloud workloads is an advantage
Ability to work independently and as a part of a team
Strong attention to detail
Ability to proactively take initiative and lead projects within a cross-organizational environment, effectively coordinating with multiple teams and stakeholders.

Requirements:
Intimate knowledge and understanding of attack methods and techniques over endpoints and enterprise networks
Proven experience as part of an R&D/development team, along with strong proficiency in Python programming
Experience and interest in at least one of: incident response, red team, advanced threat hunting, detection research, advanced detection engineering
Comfortable conducting research and gathering insights by querying large databases.
Advantage if you have in-depth knowledge of the inner workings of operating systems (especially Windows)
Advantage if you have experience working with graph DB and algorithms
Advantage if you have experience in statistics, advanced data studies, or machine learning.
Ability to drive and own projects
Independent and team player, critical thinker
Excellent communication skills.