Norse is seeking a qualified, motivated, andexperienced malware analyst / reverse engineer with technical expertise and researchexperience. We are an extremely fast-paced,security-driven company that requires coordination of team efforts to thrive. We provide unparalleled insight into suspect and malicious activity as well as intelligence on the miscreants behind that activity. This insight is forfellow InformationSecurity and IT professionals to use in mitigatingthreats to theirnetworks and systems, as well as our own.
An opportunity for anexperienced malware analyst / reverse engineer familiar with examining malicious software to understand the nature of and how to mitigate thethreat on all endpoint devices (servers, appliances,mobile, and desktop systems) with the environment a startup provides. The individual filling this role will conduct both dynamic and static analyses of suspicious code, classify the malware into families, and determine the actors behind them.From this analysis, they will establish signatures that indicate its presence and how such code spreads through systems while also contributing efforts to developing tools and procedures to detect the malicious code. Taking the malicious software and analysis, determining possible mitigations and compensating controls, reviewing the Norsethreat intelligence platform for correlating activity, and then generatingreports on that activity for consumption by staff, our customers, third parties, and the informationsecurity community as a whole. Suchreporting will be technical in nature, digestible by C-level executives (such as Chief InformationSecurity Officers), as well as technical informationsecurity andinformation technology practitioners. In addition, this role will provide recommendations and suggestions to enhance Norse’s powerful live attack and advancedthreatintelligence capabilities.
- Examine, identify, classify, and understand the nature of malicious code such as viruses, worms, bots, rootkits, and Trojan horses and how they impact servers, appliances, desktop systems, and mobile devices. Have intimate knowledge of three phases of malware analysis (Behavioral analysis, code analysis, and memory analysis)
- Experience with interpreted and compiled programming languages; and must possess a keen understanding of software development/Software Development Life Cycle (SDLC)
- Extensive knowledge of high level programming languages such as C/C++, Python, Assembly, as well as various scriptinglanguages.
- Experience with signature development along with writing exploit code
- Understanding and in-depth knowledge regarding malware analysis and reverseengineering, including extensiveexperienceusing common tools such as:
- Dissasemblers (such as IDA Pro)
- Debuggers (such as OllyDbg and WinDbg)
- System Monitor (such as Process Monitor, RegShot, and Process Explorer)
- Network Monitor (such as TCP View, TCP Dump, and Wireshark)
- Packer Identifier (such as PEID)
- Unpacking Tools (such as Qunpack and GUNPacker)
- Binary Analysis Tools (such as PE Explorer and Malcode Analysts Pack)
- Code Analysis ToolsÂ (such as LordPE, ImpRec,BinDiff)
- Understanding and in-depth knowledge regarding the administration, use, securing and exploiting common operating systems
- Understanding and in-depth knowledge regarding the administration, use, securing and exploiting common consumer and enterprise devices.
- Understanding of computer networking, routing and protocols
- Demonstrated excellent communications skills, both oral and written for working with a diverse, professional clientele with varying skill levels and technical experience/competency. Ability to interact with customers and staff in person and via written communications. Ability to research highly technical topics, pull together various sources into one concise technical document and put the research into process and procedural documentation and explain technical details clearly and concisely
- Willingness and desire to learn. Possess and nurture a hacker mentality, being able to visualize issues and possible solutions ‘outside the box.’ Must be a punctual, professional and devoted member of our team with the ability to safeguard sensitive, restricted and other information deemed to have special handling and dissemination protocols.
- High level of ethics and core values.
Educational / Certifications and Other Requirements:
- Bachelor’s degree, a combination of experience and/or Associates degree, or an equivalent combination of education and work experience. Degree must be from an accredited institution, prefer degree be in a technical discipline or majority of coursework in Information Security or Information Technology
- Minimum of five (5) years of Information Technology and/or Information Securityexperience. Minimum of 5+ (five plus) years of related experience in the field of Information Security, to include malware analyst / reverse engineer, monitoring and detection, intrusion analysis, threat and/or vulnerability analysis
We offer a competitive salary and benefits. This is a full-time, exempt position located in San Mateo, California reporting to the director of DarkWolf Labs. The responsibilities and duties described here are intended to provide typical examples of the role and are not comprehensive.