Reverse Engineer Intern – Binary Similarity
- Reston, VA, USA
FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.
On the FLARE (FireEye Labs Advanced Reverse Engineering) team we see malware in many different forms and perform analysis to track numerous malware families as they develop and evolve.
On the FLARE team, Binary Similarity falls into two categories: identifying similar functionality across different samples, and identifying samples as being related to each other.
The goal of this project is to perform research and development to extend and improve FLARE’s Binary Similarity and identification capabilities. To accomplish the goals for this project the intern will first analyze the current tools FLARE uses to reverse engineer and identify malware techniques and families. The intern will then be given a research or development project, prioritized by FLARE, to deliver. Sample projects include: researching new or novel techniques to identify related code groups, analyzing changes and commonalities across malware families, or analyzing malware samples seen by FLARE to extract unique indicators.
The goals of the FLARE intern are twofold: to provide an opportunity to introduce the art of malware analysis, and to improve the capacity of the FLARE team. A successful intern will study reverse engineering resources, including the courses offered by Mandiant, so that they may attain the title of "Reverse Engineer" and be considered when applying to the FLARE team. The FLARE team has a strong history of converting interns into full time employees that tackle malware in support of our clients. The successful intern will also develop useful tools and processes that augment the capabilities of the FLARE team. This team is flooded with requests to analyze malware to support investigations, client requests, and detection.
This project will provide interns an opportunity to work on a critical software component used across the company. The goals and objectives of this project are to support the FLARE team by researching new methods to identify similar code families and malicious techniques across a large array of malicious binaries, and by fine-tuning our existing instrumentations.
- Development experience with C and Python.
- Basic understanding of Windows and Unix operating systems internals. Experience with X86 and AMD-64 assembly and system architecture.
- Experience with hardware and software virtualization.
- Strong in software testing and debugging.
- Ability to document and explain technical details clearly and concisely.
All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.