Job Description

About the role:

Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols.
Author detection rules for behavior-based detection engines.
Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience.
Write generic threat detections based on static and dynamic detection engines.
Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework.
Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset.
Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives).
Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection.
Develop alerting, reporting, and automated detection solutions.
Build tools and automation to improve productivity.

About you

3+ years of experience writing detection using Snort, Yara, Sandbox, or proprietary detection engines.
2+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools.
2+ years of experience querying and analyzing (for malware/TTPs) large datasets.
Experience in programming or scripting languages (e.g., Python, PowerShell).
Experience in utilizing various malware analysis tools and frameworks (e.g., IDA Pro).
Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS.
Excellent verbal and written communication skills in English.

Security Researcher - EDR