Reverse Engineering Intern - Malware Analysis - Summer 2022 (Remote US)
On the FLARE team, we see malware in many different shapes and forms. A critical part of our workflow in analyzing malware is automatically extracting features and behaviors using sandboxes and other analysis tools. The goal of this project is to research and develop next-generation analysis tools that can be used to automatically extract features or otherwise analyze malware samples at scale.
As a FLARE reverse engineering summer intern, you will begin your internship with a guided self-study in which you will work with your mentor to gain an understanding of the art of malware analysis, as well as the processes used by the FLARE team. The self-study will continue for the duration of the Summer and will be conducted in tandem with a research or development task, prioritized by FLARE and based on your interests. Sample projects may include creating a tool to defeat a specific anti-analysis technique, creating instrumentation to extract binary features, or working to automatically decode and extract malware configurations.
- Complete the guided malware analysis self-study and discuss areas of interest with assigned mentor(s).
- Develop proficiency in using both commercial and in-house technologies used to accelerate malware analysis.
- A project or tasking with milestones will be created based on interests and FLARE team needs. Previous projects include studying obfuscation technologies and writing deobfuscators, programmatically extracting malware family configurations and researching high-profile malware.
- Develop an understanding of FLARE reporting guidelines and workflows. Analyze and report on select malware of interest.
- The ability to share technical information with a variety of audiences is important! All interns will present accomplishments from the duration of the Summer to both a company-wide audience and the FLARE team.
- Clear interest in developing a foundation in research engineering with a focus on malware analysis at scale.
- 1+ years' experience, via internships, classes, projects or similar, with Python
- 1+ years' experience, via internships, classes, projects or similar, in a system programming language (C/C++, Go, etc.).
- Basic understanding of Windows or Linux operating systems internals.
- 1+ years' experience, via internships, classes, projects or similar, with an assembly language (x86, x64, ARM, MIPS, etc.).
- Ability to document and explain technical details clearly and concisely.
- Ability to deliver well-designed and documented code and discuss technical decisions.
- Eligible students are working towards a bachelor's or master's degree and must be returning to school the semester following the internship
- Experience using a disassembler and/or decompiler (ex. IDA Pro, Ghidra, Radare2, Binary Ninja, etc.)
- Experience with assembly-level debugging (WinDbg, gdb, x64dbg, IDA Debugger, etc.).
At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
Minimum Hourly Rate: $25. Final rate will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.
Benefits: Employer subsidized benefits include Medical Insurance. Mandiant also provides Flexible Paid Sick Time and Paid Holidays.
*Disclosure as required by sb19-085 (8-5-20)