Sr. Security Analyst

Opentext Corporation Broomfield , CO 80021

Posted 2 months ago

OPENTEXT - THE INFORMATION COMPANY

As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.

The Opportunity

Webroot is seeking an Advanced Threat Research Analyst to support our Global Threat Research team. The successful candidate should be detail oriented, self-directed, highly self-motivated, have an analytical/problem solving mindset and able to balance team approach with personal initiative.

Do you have thorough experience in malware analysis and a drive to research and invent innovative solutions to prevent cyber-attacks? If so, please get in touch, as this is the role of an Advanced Threat Research Analyst at Webroot!

  • Collect, research, and develop solutions to address primarily Windows OS specific threats

  • Write detection rules in Yara and proprietary languages to grow internal rulesets

  • Research and develop scripts to parse malware configurations

  • Write, review, and organize technical content for publication into the H3Collective Threat Blog

  • Serve as a contact to intercept and research threats found by incident response teams

You Are Great At

  • A track record of good judgment and decision-making in positions with significant responsibility

  • Highly autonomous and able to independently identify high value projects and drive them completion

  • Demonstrated leadership capability in cross-functional team environments

  • High degree of comfort with complex technical environments

  • Having and being able to articulate/defend an informed opinion on important topics

What It Takes

  • 2+ years' experience in malware reverse engineering or equivalent experience

  • Experience with application development in the C/C++ and Python languages

  • Experience in writing YARA rules

  • Understanding of Windows Internals:

  • Windows Registry

  • PE Format

  • Processes/Thread/DLLs

  • Windows Memory Model

  • Virtualization

  • Hooking/Injection mechanisms

  • Usermode/Kernel mode internal structures (plus how to interpret)

  • Experience using a debugger, i.e. WinDBG, OllyDBG, for dynamic analysis

  • Experience using IDA Pro/Ghidra or other disassembler for static analysis of x86/x64 binaries

  • Experience developing security software

  • Crypto: Encrypt/Decrypt, Hashing, Digital Signature/Verification

  • Experience with databases, i.e. MongoDB, MySQL

  • Agile Development Process experience

  • Linux operating systems

  • Cuckoo Sandbox

At OpenText we understand and value diversity in our employees and are proud to be an Equal Opportunity Employer. We hire the best talent regardless of race, creed, color, national origin, ancestry, disability, marital status, sex, age, veteran status or sexual orientation. If you require accommodation at any time during the recruitment process please email accommodationrequests@opentext.com. Applicants have rights under Federal Employment Laws including but not limited to: Family and Medical Leave Act (FLMA), Equal Employment Opportunity and Employee Polygraph Protection Act

OPENTEXT - THE INFORMATION COMPANY

Our growing team is mapping the future of Information Management, and we continue to make new discoveries that expand its boundaries. Join us and be part of a winning team, where the opportunities for your career are limitless.

From its innovative start as a research project by University of Waterloo professors in 1991, OpenText has grown into a global company with offices in more than 35 countries. Our high- performance culture has forged our growth and is an excellent fit for people looking to push themselves to learn and do more.

It's our time to lead, and as part of our team, it will be your time too. Our continued growth will provide you the opportunity to explore, learn and chart an exciting career path while enjoying a good work-life balance.

Perks

If you thrive in a dynamic work environment, there is always a new horizon to explore. We are proud to offer excellent benefits, challenging work and competitive financial rewards.

Benefits

Our employee programs prioritize employees' well-being and that of their families. We offer a comprehensive benefit plan, education assistance, a wellness/fitness reimbursement and time off to volunteer.

Social events

With offices around the world and flexible work arrangements, OpenText strives to make sure all our employees feel connected. Teamwork extends to our social lives too from local social events to company-wide activities, we want our employees to take time to relax and have fun.

Corporate Citizenship

Corporate Citizenship is more than a program for us, it is engrained in our purpose, impact, and approach to doing business. Through numerous volunteer initiatives, we support education and innovation for global change.

Explore your career and your potential. Become an OpenText Voyager.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Sr Security Analyst

Validity

Posted 2 months ago

VIEW JOBS 9/29/2020 12:00:00 AM 2020-12-28T00:00 About the Role The Sr. Security Analyst is the cornerstone of Validity's information security compliance and governance efforts. Working under the Sr. Director, Security, and Privacy, the Sr. Security Analyst will help set and maintain security standards, organize company-wide education and awareness, manage incident response and disaster recovery/business continuity programs and activities, and work to extend ISO 27001 certification and SOC 2, type 2 assessments across the company's brands. Essential Position Duties and Responsibilities * Coordinate and conduct internal security audits in alignment with ISO 27001/27018 and SOC 2 standards and principles. * Organize and manage Validity's external SOC 2 and ISO 27001/27018 assessments. * Conduct third-party/supplier audits, client RFP/due diligence reviews, and organize 3rd party vulnerability assessments/pen tests. * Design and implement systems and processes to track, monitor, and report compliance with information security policies and procedures as well as security program performance. * Collaborate with upper management and key stakeholders on information security program development, maintenance, and enforcement to minimize Validity's risk exposure through security by design. * Act on KPI results to make continuous security program improvements. * Keep abreast of changes to security industry best practices, applicable laws, and security alerts from relevant vendors and sources (ex: US-CERT). * Work with stakeholders to define and refine Validity's security policies and procedures to enable proactive security approach. * Coordinate investigation and reporting of security incidents. * Coordinate and conduct regular incident response tabletop activities. * Responsible for the company security awareness program which includes: * Evaluating and ensuring mandatory security training content aligns with appropriate frameworks, company policies, and culture; ensuring compliance with completion timelines * Vendor selection (if applicable) * Spreading security awareness through tech talks, lunch and learns, regular communications to the company, community/industry involvement, and specialized training. * Subject matter expert (SME) to internal and external customers by providing expertise, advice, support on security-related inquiries and incidents. * Have a thorough understanding of Validity's products and services to identify where new compliance and security efforts could minimize operational risk. * Recommend and evaluate third party technology and/or services to enhance Validity security. * Assist in the implementation, adoption, and support of technology as needed. * Investigate alerts and analyze data from monitoring tools to identify and mitigate malicious activity. * Participate in 24/7 incident response on-call rotation. Experience/Skills * Minimum 5 years of work experience in an information security-based role * Experience with fraud and abuse investigations, incident response * Security-related certifications (eg. CompTia Security+, CISSP, CISM, CEH) * Ability to maintain professional, positive demeanor in high-pressure circumstances * Ability to look creatively at the big picture, to follow trends beyond obvious attributes * Collaborative mindset - a track record of cross-functional success in a team environment * Experience with risk assessment, controls identification and testing, and/or state/federal regulatory audits * Knowledge and experience with ISO 27001/SOC2 frameworks * Familiarity with Unix/Linux environments, basic working knowledge of security testing tools (Kali Linux, nmap, Nessus, Burpsuite) * Manage multiple projects/issues concurrently * Excellent written and verbal communication skills Validity Broomfield CO

Sr. Security Analyst

Opentext Corporation