Petah Tikva, Israel
Cyberint is looking for a talented and self-driven Security Researcher to join our global Security Research Team. This technical position includes comprehensive HO work in fields such as Malware Research and Reverse Engineering, as well as investigating and responding to threats targeting Cyberint’s customers. The team is responsible for the comprehensive cyber defence of Cyberint’s customers and is part of Cyberint Managed Global services.
- Provide deep cyber threat intelligence analysis to enterprise clients and various internal teams
- Research malware behavior and evasion techniques across all stages of the malware kill chain.
- Perform technical analysis on malicious or suspicious artifacts (malicious executables and documents, packet captures, etc.)
- Provide timely support for clients’ incident response, hunting, and threat intelligence teams by collecting relevant intelligence and/or performing unique research and providing analysis
- Write technical summaries, white papers, and blogs based on your research and findings
- Work with other teams, such as development and product groups
- Ensure customer satisfaction through timely dialogue, both written and spoken
- Use knowledge, creativity, critical thinking, and analytic tradecraft best practices to obtain solutions to complex problems where analysis of situations or data requires an evaluation of intangible variables under conditions of uncertainty
- Participate in trend / correlation analysis and scenario forecasting at both the tactical and strategic level
- Ensure timely response to all suspense deadlines and administrative actions
- Maintain confidentiality and ethics within the framework of the engagement
- B.Sc in Computer Science or equivalent army experience
- An engaging personality supported by an inquisitive, analytical mind
- Strong communication skills with clear and concise writing; able to build a compelling and effective narrative
- Ability to work in a fast-paced environment, to triage, and to work within a small, highly technical group while providing explanations to non-technical people
- 2+ years’ experience in Information Security, gained in a hands-on technical or intelligence role
- History of participation in industry or technology information sharing groups, formal or informal
- Ability to dynamically analyse malicious code and related threats
- Understanding of how operating systems work and the ways malware interacts with them
- Understanding of common network traffic protocols and familiarity with common network traffic analysis techniques
- Past exposure to a variety of malware families used by Espionage or Criminal campaigns
- Significant experience with the following concepts and related tool sets:
  - Network sniffers
  - Process analysis tools
  - Registry analysis tools
  - File analysis tools
  - Memory analysis tools
- Team player, with a passion for research, a can-do attitude, creativity, and an eager self-learner.
- Practical experience as an intelligence analyst
- Ability to perform dynamic and static malware analysis
- Familiar and comfortable with relevant tools (OllyDBG, WinDBG, IDA, Radare, etc.)
- 2+ years’ experience working with malware, or engaged in either threat research or incident handling.
- Past proven writeups/blogs/whitepapers
- Experience with vulnerability management, penetration testing, scripting, programming, reverse engineering, and similar job experience.
- Experience with scripting or programming languages, preferably Python
- Preferred certifications: GIAC Reverse Engineering Malware (GREM), GIAC Certified Incident Handler (GCIH) or GIAC Certified Forensics Analyst (GCFA)