Perimeterwatch New York, NY 11106
Cyber Security Analyst/Malware Engineer
Perimeterwatch's Security Team is currently seeking multiple skilled Security/Malware Analysts capable of analyzing threats and reverse engineering malware. Analysts will perform advanced analysis of malicious code and its capabilities. You will provide cyber threat and intelligence analysis, and develop related reports. You will also develop and maintain subject matter expertise of Advanced Persistent Threats and assist with Incident Response efforts. In addition, you will be involved in designing advanced analytics and countermeasures to protect critical assets from threats. Analysts will be responsible for incident handling, response combat tactics and operations necessary to deter attacks.
In-depth understanding of low-level programming in C, C++/Assembly (x86)
In-depth understanding of the Python language
Solid experience performing static analysis of malware using IDA Pro/OllyDbg and other disassembler/debugging tools to determine functionality
Experience with Windows system programming, driver development and/or IDAPython
Deep understanding of the Linux OS
Mobile iOS/Android experience
Experience with DShell
Experience developing software applications
An understanding of information security, network architecture, database concepts, document management, hardware and software troubleshooting, Microsoft Office applications, and virtualization solutions
BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Studies, Cyber Security or another related field of study or equivalent 3+ years performing technical cyber threat intelligence analysis.
Ability to reverse engineer binaries of various types including: x86, x64, C, C++, .NET, and Delphi
Understanding of x86, ARM, and x64 architectures
Capable of Python scripting to automate analysis and reverse engineering tasks
Strong knowledge of tools used for malware analysis such as debuggers and disassemblers
Strong understanding of Windows Operating System Internals and Windows APIs
Ability to analyze shellcode, packed and obfuscated code, and the associated algorithms
Understanding of common attacker methodologies and exploit techniques
Understanding of network protocols and networking concepts
Strong initiative, problem solving and critical thinking skills
Experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
Experience analyzing streams from SIEM/SIM/SEM tools including QRadar/AlienVault et al.
RSA Security Analytics / NetWitness
Splunk, including Splunk for Enterprise Security
McAfee ePO, HIPS
FireEye NX, EX, HX et al.