The security industry game changer. Join us. Grow with us. To apply for a position, send cover and résumé to:

Senior Malware Researcher

▸ Location: Santa Clara, CA, US • Department: Engineering

Job Description:

We are seeking a passionate hacker who derives purpose in life by reverse engineering complex botnets and APTs and developing anti-malware solutions to detect and remediate them. You will participate in the design and implementation of Cyphort next generation network security product, and will be faced with some of security’s hardest and most interesting problems.

  • Excellent verbal and written communication skills
  • Knowledge in Security and Malware detection technologies
  • Understanding of networking and core Internet protocols (TCP/IP, HTTP)
  • Expertise in either Windows or MacOS malware analysis
  • Familiarity with snort rules
  • Programming background with scripting languages such as Perl or Python
  • Experience using network security attack and prevention tools ( Wireshark, Metasploit, Snort).
  • Experience using Reverse Engineering tools (IDA pro, Windbg, ollydbg).
  • BS or BSE in computer science/engineering, or equivalent experience
  • Goal oriented and results-driven attitude
  • Indomitable work ethic
  • Excellent team player
Duties and responsibilities
  • Analyze malware behavior throughout the kill chain.
  • Reverse malware binaries to extract key behavioral indicators or alternatively, specialize in Vulnerability and exploit detection.
  • Utilize various analysis tools to unpack, decrypt, safely detonate, capture communication of suspicious binaries and documents.
  • Author blog posts describing malware behavior, trends in cyber criminal activity, network breaches, cyber espionage attacks and global malware campaigns.
  • Analyze reports of false positive and false negative detections and take or recommend appropriate remediation actions.
  • Build tools to automate daily activities.
  • Experience with vulnerability discovery and exploit detection

Sr Research Engineer – Security Content

Job Description:

One of Cyphort’s key cyber threat detection engines analyzes network activity to identify infected hosts in a customer environment. Cyphort is currently looking for a highly motivated, self-starter, independent thinker for a leadership role to spearhead the Research and Development efforts that enhances Cyphort’s content generation and detection methods, targeting the stealthiest advanced persistent threats.

  • Experience working with Snort or Suricata rules.
  • Experience in researching and analyzing Vulnerabilities and Malware.
  • Experience creating signatures for leading IPS/IDS products on a daily basis.
  • Solid understanding of TCP/IP stack and experience using using packet capture and decoder tools like wireshark/tcpdump.
  • Experience with packet crafting tools and application traffic generation is desirable.
  • Experience in building automation frameworks and tools for signature generation.
  • Understanding of IDS/IPS and Firewall internals or sandboxing technologies a plus.
  • Exposure to open source and commercial signature feeds.
  • Experience with scripting languages, preferably python.
  • Experience building production quality software.
  • BS degree in computer science or higher.
  • 3 or more years of experience in this field.
  • High energy, highly motivated with a good sense of urgency.
  • Excellent communication skills, both verbal and written.
  • Indomitable work ethics.
Duties and responsibilities

Joining the Threat Research team in Cyphort Labs, you will be working on Content generation for Cyphort’s Network-based detection of APTs. More specifically, you will be responsible for:

  • Analyzing newly discovered threats for network traffic.
  • Enhancing Cyphort’s ability to extract actionable network communication from malware samples via any method that can be automated, dynamic or static.
  • Designing and developing a framework for automating Content generation.
  • Developing frameworks to automate 3rd party Content feed integration.
  • Investigating and evaluating new Content feeds.
  • Bringing new creative ideas for dynamic Content generation for zero-day malware.
  • Analyzing large amounts of statistical data in a no-SQL data store for actionable intelligence.
  • Monitoring efficacy of Cyphort’s network detection in the field.
  • Analyzing False Positives reported by customers.
  • Influencing the development of the next-gen capabilities by guiding developers to implement new features in customer facing products.

See the Anti-SIEM in Action.

Schedule a live demo at your convenience, and we’ll present the detection, analytics, and mitigation capabilities of the platform.