Senior Malware Researcher

Incident Response

Sygnia is a top-tier cyber technology and services company, providing consulting and incident response support for organizations worldwide. Sygnia works with companies to proactively build their cyber resilience and to respond to and defeat attacks within their networks. It is the trusted advisor and cyber security service provider of IT and security teams, senior management, and boards of top organizations worldwide, including Fortune 100 companies.

The company draws on top talent from the ranks of elite military technology units and from across the cyber industry, and has some of the world’s top talents in cyber security. Described by Forbes as a “cyber security delta force”, it applies technological supremacy, digital combat experience, data analytics and a business-driven mindset to cyber security, enabling organizations to excel in the age of cyber.

Sygnia’s distributed international team is tasked with handling a wide variety of exotic cyber breaches, and is looking for a Senior Malware Researcher and Reverse Engineer to perform analysis of advanced malware, and to support threat research and incident response. In this position, you will be analyzing and dissecting unknown strains of malware discovered in live incidents globally, producing insights on novel attack techniques.

The successful candidate should be a bright expert, an energetic self-starter with the ability to take ownership and be accountable for deliverables, while at the same time supporting and helping to improve upon our analysis workflow. The candidate should have extensive hands-on experience with reverse engineering and malware research, as well as exceptional problem-solving skills and technological depth. The role also requires generating high-quality analysis reports.

Main Responsibilities

  • Perform static and dynamic analysis of malware – including reverse engineering – to fully understand functionality, extract indicators, and support ongoing incident response investigations.
  • Support threat research of attack formations, attacker infrastructures and APT groups.
  • Provide timely identification and summarization of threats to customers.
  • Conduct in-depth research of operating system internals and relevant forensic artifacts, and develop proof of concept code to extract data from forensic artifacts as needed.
  • Adapt and develop tools and infrastructure to enhance research, investigative and hunting capabilities.
  • Generate and present comprehensive and professional reports of findings from the analysis process.
  • Support incident response efforts as needed.
  • Participate in thought leadership efforts, including generation of technical content for research papers and professional publications, and present at conferences.
  • Provide training and mentorship as needed.
  • Respond to technical questions by other teams within Sygnia.
  • Continually improve our malware-analysis workflow.

Main Requirements

  • At least 5 years of relevant experience (from military service and/or industry).
  • Bright, problem solver, independent, takes initiative.
  • Self-learner and self-motivated: ability to learn new analysis techniques quickly, especially when faced with less-common file types.
  • Extensive hands-on experience with analyzing and reverse-engineering malware samples written in multiple programming and scripting languages (C/C++, Go, .NET, obfuscated Python, VB, PowerShell and web scripts).
  • Extensive hands-on experience working with static and dynamic binary analysis tools, including IDA Pro disassembler, and user and kernel space debuggers (e.g. GDB, WinDbg, OllyDbg).
  • Experience with analyzing shellcode, packed and obfuscated code.
  • Familiarity with multi-arch x86/x64 assembly languages.
  • Solid understanding of OS internals of at least two operating systems (Windows, Linux/Unix and macOS).
  • Deep technical understanding of network fundamentals and common internet protocols, and ability to analyze packet captures.
  • Strong programming and scripting skills.
  • Knowledge of cryptographic algorithms and protocols – an advantage.
  • Experience with vulnerability research – an advantage.
  • Team player.
  • Excellent communication and interpersonal skills. Ability to express complex technical and non-technical concepts.
  • Fluent English, including the ability to document and explain technical information in a concise, understandable manner.
