Reverse Engineer

Job description / Role

• Reverse engineer malware samples in order to characterize their attributes for identification, correlate indicator information to identify larger attack architectures and topologies, and create proof of concept software to assist in real-time analysis and tracking of targeted malware families.
• Conduct vulnerability analysis of complex and diverse software systems and network architectures.
• Identify anti-analysis techniques, including encryption, obfuscation, virtual machine detection, and conditional coding for the purpose of identifying tactics, techniques, and procedures used by malware authors.
• Provide subject matter expertise on cyber threats, attacks, and incidents of interests to PhishLabs and our customers as well as knowledge of typical attack vectors, network exploitation techniques, and exfiltration channels.
• Monitor underground marketplace activity for any new threats being distributed or discussed by cyber actors

Salary:
AED 20,000 to 30,000 per month inclusive of fixed allowances.

Requirements

• Advanced understanding of Windows and Linux based operating systems as well as the iOS and Android Platforms.
• A Bachelor’s or Master’s degree in Computer Science, Information Systems, or other computer related field.
• Demonstrable experience working with open-source and commercial analysis tools for the purposes of malware reverse engineering including, but not limited to, decompilers, disassemblers, debuggers, systems internals utilities, and network traffic analysis tools.
• Experience with enterprise level sandbox tools and familiarity of edge and endpoint protection systems.
• Experience programming in a scripting language, such as Python, as well as working knowledge of x86, x64, and ARM assembly instructions, C, C++, Java, JavaScript, PHP and HTML.
• Proven ability to analyze and reverse engineer packed or obfuscated code, develop code to monitor botnets, and reverse engineer custom protocols.
• Advanced understanding of operating system internals and Windows API.
• Experience with both SQL and NoSQL data storage solutions as well as ElasticSearch search and analytics engine to include data implementation and design.
• Experience with security data characterization standards such as STIX, MAEC, TAXII, CybOx.
• Experience with networking, network protocols, and security infrastructures.
• Experience with financially-incentivized malware such as banking trojans is preferred.
• Experience with creation and maintenance of rules to detect malicious activity or code (yara, snort, suricate, etc.)

About the Company

GG Selection is a search partner with an international presence, clients in diverse industries, and a network of talent for all levels of seniority and experience. We’re not limited by industry or geography, and we treat every brief and every client like the individual case it is — never making assumptions or taking anything for granted, and always tailoring our service to the needs we discover.