Reverse Engineer

Job Description

Responsibilities Software reverse engineering is done to retrieve the source code of a program because the source code was lost, to study how the program performs certain operations, to improve the performance of a program, to fix a bug (correct an error in the program when the source code is not available), to identify malicious content in a program such as a virus or to adapt a program written for use with one microprocessor for use with another. Reverse engineer specialist should not only be an expert in languages such as CC++, Python andor Java, but also have a deep understanding of firmware and binary disassembly, and what altering execution sections would accomplish. Collaborate with a team of experienced malware analysts and researchers. Project scenarios for the reverse engineering work include cyber system and protocol research, hardware andor software reverse engineering, and the documentation of findings and recommendations to the customer to solve their mission needs. The viability and potential impact of the findings will often require team members to develop proof-of-concept exploitations or modifications based on identified vulnerabilities.

Job Description

Reverse engineer malware samples in order to characterize their attributes for identification, correlate indicator information to identify larger attack architectures and topologies, and create proof of concept software to assist in real-time analysis and tracking of targeted malware families. Conduct vulnerability analysis of complex and diverse software systems and network architectures. Identify anti-analysis techniques, including encryption, obfuscation, virtual machine detection, and conditional coding for the purpose of identifying tactics, techniques, and procedures used by malware authors. Provide subject matter expertise on cyber threats, attacks, and incidents of interests to PhishLabs and our customers as well as knowledge of typical attack vectors, network exploitation techniques, and exfiltration channels. Monitor underground marketplace activity for any new threats being distributed or discussed by cyber actors.

Required Skills

Advanced understanding of Windows and Linux based operating systems as well as the iOS and Android Platforms. A Bachelor s or Master s degree in Computer Science, Information Systems, or other computer related field. Demonstrable experience working with open-source and commercial analysis tools for the purposes of malware reverse engineering including, but not limited to, decompilers, disassemblers, debuggers, systems internals utilities, and network traffic analysis tools. Experience with enterprise level sandbox tools and familiarity of edge and endpoint protection systems. Experience programming in a scripting language, such as Python, as well as working knowledge of x86, x64, and ARM assembly instructions, C, C++, Java, JavaScript, PHP and HTML. Proven ability to analyze and reverse engineer packed or obfuscated code, develop code to monitor botnets, and reverse engineer custom protocols. Advanced understanding of operating system internals and Windows API. Experience with both SQL and NoSQL data storage solutions as well as ElasticSearch search and analytics engine to include data implementation and design. Experience with security data characterization standards such as STIX, MAEC, TAXII, CybOx. Experience with networking, network protocols, and security infrastructures. Experience with financially-incentived malware such as banking trojans is preferred. Experience with creation and maintenance of rules to detect malicious activity or code (yara, snort, suricate, etc.)

Keyskills :
proof of conceptsubject matter expertisenetwork traffic analysisarm assemblycomputer sciencetraffic analysisoperating systemsstorage solutionsreverse engineeringinformation systemsphpsqliosarmx86x64javahtml