Malware Research Scientist - Enterprise Security

As a Malware Research Scientist you will be responsible for establishing a state-of-the-art malware analysis lab, build and lead a small team of researchers, and spearhead hands-on investigations to uncover the intricacies of the latest threats. You will be hands-on in terms of live testing with malware (especially ransomware) in a controlled environment to provide guidance in terms of malware artifacts & indicators of attacks (IOAs) to the engineering and product development team to enhance the security aspects of the product line. Key Skills : - Proven experience as an Enterprise Security Architect - Excellent working knowledge of how to model threats & risks as well as the controls necessary to mitigate them, on both an organizational and technical level - A background in general security practices of cloud security in AWS/Azure/OCI, Linux, M365 application/API security, firewalls, IDS/IPS, sandboxing, threat intelligence, vulnerability assessment and mitigation, SIEM, auditing, encryption, data loss prevention , threat intelligence etc - Attained at least one or more certifications: OSCP & SANS certs or other Security certifications - Strong communication (verbal and written), problem solving, executive presence, and interpersonal skills - Good technical understanding of malwares behavior, cyber kill chain, incident response and recovery process, forensic data collection, disaster recovery. Direct hands-on experience in at least one of these areas will be preferred Roles & Responsibilities : Technical Expertise : - Design and implement a secure malware analysis lab environment. - Conduct in-depth analysis of malware samples, particularly focusing on ransomware variants. - Leverage reverse engineering, static analysis, and dynamic analysis techniques to dissect malware behavior. - Identify and document Indicators of Compromise (IOCs), MITRE TTPs and Indicators of Attacks (IOAs) associated with analyzed malware. - Analyze the impact of ransomware on data, cloud infrastructure (AWS, Azure, GCP), and SaaS applications (M365, Google Workspace, etc.). - Develop and implement innovative detection and mitigation strategies to defend against the latest malware and ransomware threats. - Stay current on emerging threats and trends through ongoing research and threat intelligence gathering. Communication & Collaboration : - Collaborate with Product Managers to understand & stay updated on the customer requirement, help PMs build intricacies of product security features - Work closely with the marketing team to develop clear and effective product messaging, contribute with research papers and blogs, and communicate product features to the market. - Translate complex technical findings into clear and concise reports for both technical and non-technical audiences. - Collaborate with engineering and security teams to integrate threat intelligence findings into security solutions and incident response procedures. - Present research findings and threat insights to internal stakeholders. Qualifications : - Engineering degree in Cybersecurity, Computer Science, or a related field (or equivalent experience). - Minimum 10 years of experience in malware analysis and threat research. - Proven experience in leading and mentoring a security research team. Interns and freshers - In-depth knowledge of malware analysis techniques (reverse engineering, static analysis, dynamic analysis, sandbox environments). - Strong understanding of ransomware variants and their impact on various systems (data, cloud infrastructure,SaaS). - Excellent written and verbal communication skills. - Ability to work independently, manage multiple projects, and prioritize effectively. - Passion for staying ahead of the evolving threat landscape. (ref:hirist.tech)

Location: pune, IN

Posted Date: 11/24/2024