Description

Webroot is seeking an Advanced Threat Research Manager to support our Global Threat Research, Data Science, and Engineering teams.

The Advanced Threat Research team is small multi-purpose group. Team tasking varies between threat actor research, operating system internals research, and efficacy-focused design and development. Projects are proposed, prototyped, and assessed within the team.

The role necessitates a wealth of reverse engineering, threat research and leadership experience. The driven candidate should be deeply familiar with both the Windows API and lower level operating systems fundamentals.

Specific Objectives and Responsibilities

Your First Six Months:

• Familiarize yourself with product lines, the global engineering organization, and product efficacy capabilities.
• Working with the team on hands-on malware analysis tasks, product innovation and development discussions with product engineering teams.
• Assist the Data Science team with malware reverse engineering & model performance review.

Six to Twelve Months and Beyond:

• Work with engineering teams across the broader Webroot & Carbonite organizations to assess security & detection capabilities of the associated products
• Propose innovative solutions / heuristics to bolster internal threat intelligence or enhance product efficacy
• Contribute to the design and development of the aforementioned projects

Key Challenges to Overcome

The team strives to achieve lightning-fast project turnaround. Projects grow and from ideation to proof-of-concept very quickly, so the candidate should be prepared to work in a brisk-paced research environment. The candidate’s success on the team depends chiefly on their drive to understand, their desire to learn, and their ability to convert theoretical heuristics into practical threat detection technologies.

The candidate’s successes will have a direct impact in keeping businesses & consumers alike safe against breaches & malware.

Success Factors

What will make you successful at Carbonite:

• Motivate, mentor and guide the team members in a fast paced development environment, innovating and solving problems which have no currently known solution in the industry.
• Provide leadership, technical expertise and career development for individual contributors.
• Be highly autonomous and able to independently identify high value projects and drive them completion.
• Have a high degree of comfort with complex technical environments.
• Having and being able to articulate/defend an informed opinion on important topics.

Qualifications

• Solid understanding of operating systems
• Windows Internals:
  
  • PE Format
  • Processes/Thread/DLLs
  • Windows Memory Manager
  • Windows Security Model - user/groups, SACL/DACL, Tokens, Desktops, etc
  • Virtualization
  • Hooking/Injection mechanisms
  • Usermode/Kernel mode internal structures (plus how to interpret)
• C / C++ – 5+ years
• Python – 2+ years
• Malware Analysis – 5+ years
• Windows API – 5+ years
• Static & Dynamic malware analysis
• Disassembler familiarity (IDA / Ghidra / Radare)
• Debugging familiarity (Windbg / Ollydbg / debugger of your choice)
• Development in a team setting (SCM processes)
• Crypto: Encrypt/Decrypt, Hashing, Digital Signature/Verification
• Driver development experience a huge plus
• Cloud (AWS/GCP) a plus
• Management or leadership experience – 2-5+ years
• Excellent all-around communications skills required.

Company Overview

Together Carbonite—a leader in data protection and Webroot—a leader in data security—form the SMB and Consumer Division of OpenText.  The mission of our joint offering is to make cyber resilience simple, reliable and accessible in the connected world. We enable comprehensive data protection for companies, consumers, and our vast network of partners around the globe.

Our business requires top talent. We foster a thriving, dynamic environment rich with inventive minds and entrepreneurial spirit. From engineering to sales and marketing, operations and customer support, our employees are empowered and encouraged to build their careers at OpenText.

We pride ourselves on hiring standout candidates who shine in a workplace that encourages collaboration and teamwork. We are growing fast, and looking for talented candidates around the globe.  Are you ready to grow with us?#LI-POST

Carbonite, Inc. is an equal employment opportunity and affirmative action employer does not discriminate based upon race, color, religion, sex, national origin, age, genetic information, gender identity or expression, sexual orientation, protected veteran status, status as a qualified individual with a disability, or any other characteristic protected by law.  Upon request, accommodations will be made available during the recruitment process for applicants with a disability. If you require accommodations, we will work with you to provide or arrange for the provision of suitable accommodation wherever possible.  All qualified applicants are encouraged to apply.