iSIGHT Partners

Labs Malware/Reverse Engineer

US-VA-Chantilly
ID: 2015-1477
Category: Engineering
Type: Regular Full-Time

Overview

This position is posted for the purpose of building a pipeline of qualified candidates.  iSIGHT Partners often seeks talented Reverse Engineers to work within our organization.  If you are interested in future Reverse Engineering opportunities, please submit a copy of your resume.

 

iSIGHT Partners' highly skilled reverse engineers operate in a fast-paced work environment in an organization that focuses exclusively on analyzing and understanding the global threat ecosystem.

Essential Duties and Responsibilities

The employee is expected to work with minimal guidance against broad objectives to handle a variety of complex assignments and situations. The employee must demonstrate full knowledge of fundamental concepts across a wide range of intelligence disciplines based on current primary assignment and additional account responsibilities. Within established priorities and deadlines, he/she will exercise independent judgment in selecting and applying appropriate work methods, procedures, techniques, and practices. The employee's decisions and outcomes have a significant impact on work within their analytic practice area, as well as some impact on other practice area or functional teams.

 

Primary Duties:

  • Assess research requests for completeness
  • Conduct the research required to fulfill research requests
  • Ensure the accuracy and integrity of information throughout reporting
  • Report changes to the state of existing research requests to internal team members
  • Brief on technical issues of interest to iSIGHT Partners' internal and external customers
  • Coordinate with other Technical Intelligence teams as needed
  • Participate in directed research and development tasks
  • Maintain Subject Matter Expert (SME) status in assigned areas
  • Complete other tasks as directed by the Labs Operations Manager

Operational Duties:

  • Provide mentoring guidance to Junior-level Labs Engineers
  • Build skills towards being a Subject Matter Expert (SME) as designated
  • Perform investigation on current research topics of interest to internal and external customers as directed
  • Assist in the identification/investigation of vulnerabilities to determine root cause as directed
  • Assist in the development of PoC triggers for new/recent vulnerabilities as directed
  • Assist in the performance of static/dynamic analysis on different types of malware samples as directed
  • Assist in the performance of vulnerability testing on highly utilized software applications as directed
  • Review investigative findings of other teams for technical accuracy as directed
  • Effectively brief internal and external customers on investigative findings
  • Help with maintenance of the team's internal tools and development projects

Experience, Skills and Knowledge

  • Comfortable working in Windows, Mac, Linux, and mobile environments
  • Ability to read and debug x86 disassembly
  • Technical knowledge of common network protocols
  • Ability to analyze vulnerabilities in 3rd party software such as Internet Explorer, Acrobat, Java, Flash
  • Comfortable working with obfuscated samples
  • Ability to safely handle malware in a lab environment
  • Experience building research tools and automation scripts for daily tasks
  • Knowledge of current exploit and exploit mitigation techniques
  • Ability to analyze items such as:
    • Shellcode
    • Malicious scripts
    • Software patch diffs
  • Technical knowledge of the internals of common file formats, including but not limited to:
    • Microsoft Office
    • Adobe SWF and PDF
    • PE file format
  • Familiarity with tools such as:
    • IDA
    • BinDiff
    • Olly
    • VMWorkstation and other VMware products
  • Ability to work in a fast-paced environment, to triage, and to work within a small, highly technical group while providing explanations to non-technical people
  • Strong written and verbal communication skills
  • A humble expert
