About the Position

Threatray operates a deep code indexing and search engine. We use the code search engine to build user-facing features, such as malware identification and classification, which truly deliver on the promises of code reuse analysis. We are also using the search engine to build novel malware intelligence capabilities, as well as features that enable malware reverse engineering through clustering of samples, function-level retro-hunting and others.

As a member of our growing threat intel team, you’ll be given access to the full power of our capabilities and data sets to analyze and hunt malware. Our analyst-facing capabilities include unique retro-hunting features as well as reverse engineering / code analysis techniques that allow you to analyze malware clusters at scale.

Responsibilities

  • Monitor and research malware threats and actors, in particular the evolution of malware families, to discover new and unknown threats and to keep our classification and detection capabilities up to date.
  • Influence the threat intelligence and product roadmap of the company.
  • Closely collaborate with the software development team and advise them on tasks related to malware analysis.
  • Publish technical reports, analysis insights, and novel findings in blog posts, Tweets, etc.
  • Generate ideas for new features or feature improvements of our core technology and the customer-facing product; write specifications for those features.
  • Represent Threatray at various conferences and speaking events.


The candidate

Minimum qualifications:

  • Demonstrated high level of drive, independence and strong analytical skills.
  • 5+ years of experience in a relevant role or environment.
  • Deep understanding of malware techniques and capabilities, the malware threat landscape and the most prevalent malware families.
  • Demonstrated static and dynamic malware analysis and reverse engineering skills using state-of-the-art tools.
  • Demonstrated skills in malware classification and detection creation methodologies such as Yara, Sigma, Snort, Suricata, etc.
  • Experience in coding and scripting using one or more of the following languages: Python, Go, C, C++, Java, and/or similar.
  • Good communication skills in English (written and verbal) to work in a distributed team.

Preferred qualifications:

  • Degree in Computer Science, Cyber Security, or Engineering.
  • Experience working in a startup environment.
  • Experience working with extremely large data sets.
  • Advanced knowledge of Windows OS internals.
  • Strong personal network in the malware analysis and intelligence community.
  • Experience in writing technical reports or blog posts.
  • Experience in public speaking.
  • Experience in developing malware and intelligence analysis automation tools.
  • Experience in using ML algorithms and tools.