Cyble - Senior Security Researcher - Threat Hunting

Job Title : Senior Security Researcher Job Category : Full Time Location : Bangalore Travel Required : Occasionally Job Description : We are seeking a skilled Malware Researcher with 7-10 years of experience in malware analysis, reverse engineering, and threat hunting. The ideal candidate will have a strong understanding of Windows and Linux malware analysis, proficiency in Python, and experience with the MITRE ATT&CK framework. The role involves analyzing malicious code, understanding the current threat landscape, tracking Advanced Persistent Threats (APTs), leveraging OSINT for threat intelligence, and authoring technical blogs and advisories. Role And Responsibilities : - Perform in-depth analysis and reverse engineering of malware samples targeting Windows and Linux platforms, uncovering intricate behaviors and attack methodologies. - Identify malicious code, functionalities, and capabilities to assess its potential impact and determine mitigation strategies. - Document findings comprehensively, including detailed reports on malware functionality, behavior patterns, and suggested countermeasures. - Stay ahead of emerging threats by analyzing and understanding the evolving threat landscape, identifying trends, and assessing their implications. - Conduct proactive threat hunting activities, leveraging OSINT and a wide range of intelligence sources such as VirusTotal etc. to uncover indicators of malicious campaigns. - Hunt, Analyse and Track various threat actors/APT groups by gathering and analysing Attacker TTPs and publish blogs/articles - Deliver actionable intelligence to internal teams and external stakeholders, enabling informed decision making and proactive threat mitigation. - Continuously update and enrich Cyble's Threat Library and Knowledgebase with newly identified malware, TTPs (Tactics, Techniques, and Procedures), and Indicators of Compromise (IOCs). - Contribute to the development of use cases and threat detection logic (YARA and SIGMA rules) and tools to enhance threat detection capabilities for clients. - Keep UpToDate with advanced threats, vulnerabilities, latest security solutions and risk mitigation strategies used in cybersecurity operations. Qualifications And Education Requirements : - Degree in Computer Science or any Technical Discipline (B.E, B.Tech, BCA, MCA, B.Sc.(IT)) - Specialization in cyber security, computer forensics or incident response would be a plus Knowledge, Skills And Experience Required : - 7-10 years of strong experience in malware analysis and reverse engineering, including proficiency with advanced static and dynamic analysis tools (e., IDA Pro, Ghidra, OllyDbg). - Must have demonstrated experience in evaluating threat intelligence from social media, chats, darknet forums, OSINT and other sources of data openly available on the Internet. - Functional understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK. - Knowledge of creating detection rules for EDR/XDR platforms to identify and respond to threats is highly desirable. - Demonstrate advanced proficiency in utilizing various cyber intelligence tools such as VirusTotal, Silentpush, Shodan, and Censys to actively identify, investigate, and analyze potential threats. - Possess a strong understanding of the current threat landscape, including expertise in tracking Advanced Persistent Threats (APTs) and attributing activities to specific threat actors. - Ability to automate repeatable security tasks through scripts and custom code - Self-motivated and results-oriented, with excellent interpersonal and communication and writing skills. - Knowledge of forensic analysis and incident response is an added advantage, enhancing the ability to investigate and respond to complex threats. About Cyble : Cyble provides the fastest and most comprehensive coverage across adversaries, infrastructure, exposure, weaknesses, and targets. Cyble empowers governments and enterprises to safeguard their citizens and infrastructure by providing critical intelligence in a timely manner and enabling rapid detection, prioritization, and remediation of security threats through its advanced capabilities for data analysis, expert insights, and automated processes. Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India, Cyble has a global presence. (ref:hirist.tech)

Location: bangalore, IN

Posted Date: 11/29/2024