Responsibilities include, but are not limited to:
- Maintain continuous awareness of threats, vulnerabilities, and new malware trends
- Dynamic Malware analysis, detailed propagation stages of malware.
- Provide insight into how malware operates, propagates, how malware defeats classical detect & react cycles.
- Contribute technical blogs, in-depth technical presentations for technical audiences.
- Maintain easily demonstratable malware environments (Virtual Machines) with actual malware attacks or with simulated exploit and pen test environments (MetaSploit, Burp, PowerSploit, or other technologies and tools)
- Bachelor's degree in Information Security, Computer Science, or other engineering field and 3+ years of work experience in a security field with pen testing and reverse engineering.
- Hands on pen testing tools, and pen test development (shell code): MetaSploit, Burp, PowerShell attack frameworks (PowerSploit, empire, etc.)
- Experience with a scripting language such as Ruby, Python.
- In-depth knowledge of basic exploitation techniques
- Experience debugging applications (WinDbg, OllyDbg, gdb)
- Experience with IDA Pro
- Strong verbal and written communication skills
- Experience as a part of security research team and developing in-depth technical blogs
- Secure coding in C/C++ and source code vulnerability analysis
- In-depth internals knowledge of one or more operating systems (Windows, Linux) desired
- Familiarity with exploit mitigation techniques and MITRE’s ATT&CK Framework
- Experience with kernel-level programming and/or debugging
- IDA Pro scripting (IDC or IDAPython) desired
- Experience reverse engineering complex applications desired
- Experience with fuzzers and fuzzing techniques desired
- Cryptography background desired