Staff Reverse Engineer (Remote - Anywhere in the US or Franc

at Proofpoint in Dover, Delaware, United States

Job Description

It’s fun to work in a company where people truly BELIEVE in what they’re doing!

We’re committed to bringing passion and customer focus to the business.

The Role

As a Staff Reverse Engineer on Proofpoint’s Threat Research team, you will be analyzing sophisticated malware in order to mitigate evasion, facilitate signature development, extract intelligence, support APT research and ultimately protect customers under active attack. You will be part of a highly respected, technically advanced team of security researchers and engineers dedicated to discovering, detonating, detecting and extracting intelligence from malware at unprecedented scale.

Your day-to-day

+ Analyze malware from internal and external sources, both self-directed and in response to evolving campaigns.

+ Work with signature developers to create detections in Proofpoint’s core threat detection platform

+ Work with APT researchers to facilitate the understanding, tracking, and attribution of nation-state actors

+ Work with sandbox detonation and deobfuscation experts to mitigate advanced anti-analysis techniques

+ Work with Machine Learning experts to facilitate the development of novel algorithms for discovering and classifying malware

+ Internally document malware analysis findings including the evolution of critical malware families over time

+ Monitor intelligence feeds, both internal and external, to stay on top of relevant threats

+ Work with writers to appropriately blog and highlight your work

+ Work effectively as part of a globally distributed remote team

What you bring to the team

+ An unbridled passion for the reverse engineering and analysis of malware

+ A minimum of 1-3 years of demonstrable experience reverse engineering Windows malware as your primary job function

+ Experience using IDA Pro/Ghidra to statically analyze Windows malware

+ Deep understanding of userland Windows internals and the x86/IA64 architecture and instruction set

+ Experience using a Windows debugger for dynamic malware analysis

+ Familiarity with common encryption algorithms

+ Experience overcoming common anti-analysis techniques

+ Experience sandboxing malware

+ Python experience

+ The ability to work independently and self-prioritize as a Senior level researcher

+ A desire and ability to share your discoveries internally in order to ultimately protect customers (team player)

+ A desire to publish appropriate aspects of your work through blogs

Nice to have

+ Information security community experience; a blog, website, published papers, conference presentations, or other experience on the public side of the security field

+ Experience working remotely for a large information security vendor

+ Signature writing experience using tools such as yara, snort, suricata, and ClamAV

+ An expert level understanding of some segment of the Windows malware landscape (Loaders, Bankers, RATs, etc.)


If you like wild growth and working with happy, enthusiastic over-achievers, you’ll enjoy your career with us!

Copy Link

Job Posting: JC193363085

Posted On: Sep 26, 2021

Updated On: Nov 10, 2021