Malware Researcher (REMOTE - Anywhere in the US)
- Reston, VA
FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.
FireEye’s Endpoint Security Research and Operations team is a group of top-notch security researchers specializing in advanced malware analysis, exploit analysis, reverse engineering, and even machine learning. We are seeking a malware researcher with a propensity for finding evil. The candidate must have the passion and experience necessary to turn research findings into practical threat detections across various FireEye products. Our team doesn’t just analyze malware – we find evil.
- Perform static and dynamic analysis of Windows-based malware
- Proactively identify and research the latest malware observed in the wild
- Turn research findings into content for use in our endpoint products
- Handle customer escalations by resolving customer reported FPs/FNs
- Analyze alert data collected from millions of endpoints to proactively improve detection
- Collaborate with our global team to provide our customers follow-the-sun coverage
- Share your most exciting research findings through various channels such as FireEye’s Threat Intelligence blog and internal presentations
- Identify detection gaps and propose product detection capability improvements
- Perform exploit analysis and vulnerability research (experience permitting)
The following blogs provide recent examples of the type of research performed by FireEye’s Endpoint Security Research and Operations team.
- Minimum 2-3 years of direct experience analyzing Windows-based malware
- Experience with IOC and signature-based detection tools (OpenIOC, ClamAV, Snort, YARA)
- Experience with dynamic malware analysis tools (Sysinternals, Regshot, Wireshark, tcpdump)
- Understanding of networking/system administration and software development concepts
- Strong industry knowledge through a familiarity with APT groups, active campaigns, and malware trends
- Familiarity with debuggers and disassemblers (OllyDbg, IDA Pro)
- Experience with scripting languages such as Perl or Python
- Experience in vulnerability research and reverse engineering
- In-depth experience with debuggers and disassemblers (OllyDbg, IDA Pro)
- Knowledge of exploitation concepts such as shellcode, heap spray, ROP, etc.
- Strong problem solving, troubleshooting, and analysis skills
- Experience working in fast-paced development environments
- Excellent written and verbal communication skills
- Excellent interpersonal and teamwork skills
- Self-driven, proactive, hardworking team player with a good sense of humor
- BS/MS in computer science or equivalent experience
All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.