Advanced Threat Research Analyst
Description
Webroot is seeking an Advanced Threat Research Analyst to support our Global Threat Research team. The successful candidate should be detail oriented, self-directed, highly self-motivated, have an analytical/problem solving mindset and able to balance team approach with personal initiative.
Do you have thorough experience in malware analysis and a drive to research and invent innovative solutions to prevent cyber-attacks? If so, please get in touch, as this is the role of an Advanced Threat Research Analyst at Webroot!
Specific Objectives and Responsibilities
- Collect, research, and develop solutions to address primarily Windows OS specific threats
- Write detection rules in Yara and proprietary languages to grow internal rulesets
- Research and develop scripts to parse malware configurations
- Write, review, and organize technical content for publication into the H3Collective Threat Blog
- Serve as a contact to intercept and research threats found by incident response teams
Success Factors
What will make you successful at Carbonite:
- A track record of good judgment and decision-making in positions with significant responsibility
- Highly autonomous and able to independently identify high value projects and drive them completion
- Demonstrated leadership capability in cross-functional team environments
- High degree of comfort with complex technical environments
- Having and being able to articulate/defend an informed opinion on important topics
Qualifications
- 2+ years’ experience in malware reverse engineering or equivalent experience
- Experience with application development in the C/C++ and Python languages
- Experience in writing YARA rules
- Understanding of Windows Internals:
- Windows Registry
- PE Format
- Processes/Thread/DLLs
- Windows Memory Model
- Virtualization
- Hooking/Injection mechanisms
- Usermode/Kernel mode internal structures (plus how to interpret)
- Experience using a debugger, i.e. WinDBG, OllyDBG, for dynamic analysis
- Experience using IDA Pro/Ghidra or other disassembler for static analysis of x86/x64 binaries
Desired Skills & Experience
- Experience developing security software
- Crypto: Encrypt/Decrypt, Hashing, Digital Signature/Verification
- Experience with databases, i.e. MongoDB, MySQL
- Agile Development Process experience
- Linux operating systems
- Cuckoo Sandbox
Company Overview
Together Carbonite—a leader in data protection and Webroot—a leader in data security—form the SMB and Consumer Division of OpenText. The mission of our joint offering is to make cyber resilience simple, reliable and accessible in the connected world. We enable comprehensive data protection for companies, consumers, and our vast network of partners around the globe.
Our business requires top talent. We foster a thriving, dynamic environment rich with inventive minds and entrepreneurial spirit. From engineering to sales and marketing, operations and customer support, our employees are empowered and encouraged to build their careers at OpenText.
We pride ourselves on hiring standout candidates who shine in a workplace that encourages collaboration and teamwork. We are growing fast, and looking for talented candidates around the globe. Are you ready to grow with us?#LI-POST
Carbonite, Inc. is an equal employment opportunity and affirmative action employer does not discriminate based upon race, color, religion, sex, national origin, age, genetic information, gender identity or expression, sexual orientation, protected veteran status, status as a qualified individual with a disability, or any other characteristic protected by law. Upon request, accommodations will be made available during the recruitment process for applicants with a disability. If you require accommodations, we will work with you to provide or arrange for the provision of suitable accommodation wherever possible. All qualified applicants are encouraged to apply.