Malware Researcher

What does working as Malware Researcher entail?

The main thrust of the job is, you may have guessed it, reverse engineering. You will be analyzing newly discovered malware samples and write the technical descriptions of the malicious programs as you analyze them.
Your primary goal is to uncover what the given malware does. Often you will need to drill down to the details, uncovering more of what it actually does, how it does it and for what aim it was designed. In some cases, you will put on your detective hat, pondering what’s behind not only the malware sample but also what’s behind the entire malicious operations. You will be closely monitoring different threat actors running campaigns against high value targets worldwide. Your primary goal is to uncover and document the different TTPs used by these actors and help grow our threat intelligence feeds. In order to achieve this, you will gather intelligence from our internal data stores as well as use open source ones.

In some cases, you will be cooperating with law enforcement, CERTs or the victims of cyber attacks themselves.

A significant part of your job will be writing reports on your findings, some of which will be published on our blog platform welivesecurity.com, and presenting the research findings at international conferences.

Where do Malware Researcher work?

Malware Researchers work under the Security Research Laboratory, which we refer to simply as “the VirusLab”. Some of us work on analyzing malicious code, others track entire malicious operations, looking at how they function. Other colleagues are involved in detecting malware through various methods, including automatic systems that utilize various internal technologies or involve machine learning. Our analysts and engineers have extensive experience with reverse engineering techniques, and analysis and detection of malicious code on a range of operating systems, including Windows, Linux, OS X and mobile platforms. Our global teams also comprise experts on online threats, software vulnerabilities and exploits which are used by malware authors to infiltrate and abuse systems.

Technologies used in the job:

As a malware researcher, these will be the tools of your trade: IDA Pro, OllyDbg, Hiew, WinDbg, Kibana, Impala, MISP, YARA, SysInternals tools, Wireshark, Python, SQL, IRC. But of course not everyone works in the same way: you can choose your own arsenal.

You will also rely on powerful internal tools, developed, tweaked and improved over the years to assist you in performing your awesome research in an efficient way.

BENEFITS FOR YOU

Flexibility

Corporate events

Benefits for the whole family

Sports, health and wellbeing

And many more…