Principal Security Researcher

***We are unable to sponsor for this permanent full-time role***

***Position is bonus eligible***

Prestigious Enterprise Security Services Company is currently seeking a Principal Security Researcher. Candidate will contribute to a number of strategic research initiatives to develop the product and services catalogue. Primary focus for this role is to analyze ransomware samples and threat actor tools to gain insights for future product features, threat actor insights, and assist in the validation of our current capabilities. The ideal candidate will be a proficient reverse engineer with experience in analyzing malware, have a strong understanding of cryptography used in ransomware, and the ability to develop tools to augment existing capabilities.

Responsibilities:

• Technical:
• Reverse engineer malicious or unknown binaries to find insights and intelligence in ransomware samples and threat actor toolkits
• Use and develop tools to bypass software protection and binary packing techniques.
• Identify & develop proof-of-concept tools leveraging your security research background to help assist and scale threat research related tasks
• Partner with applied researchers to enable the development of new products and tools
• Develop tools for the community, enabling access to our research and best practices, fostering knowledge sharing, and empowering others to conduct their own experiments and learn from our threat research methodology
• Collaboration:
• Collaborate with partner Research and Data Science teams on projects and to bring new ideas and technology to customers
• Cultivate global collaborations with security researchers to exchange knowledge, stay updated on emerging threats, and build partnerships with offensive security researchers to enhance our defensive capabilities and embrace cutting-edge offensive security research.
• Share knowledge with the community through engaging presentations, blog posts, papers, and active participation on social media channels, contributing to the broader information security ecosystem.
• Communication:
• Write high quality technical reports to enable our business to utilize the research effectively across the organization
• Articulate technical requirements and details to both highly technical and non-technical audience

Qualifications:

• Strong capabilities in reverse-engineering Windows binaries and applications.
• Strong familiarity with Windows development practices, low level operating system concepts, and networking.
• Proficiency with development in scripting languages such as Python or Ruby.
• Proficiency with development in compiled languages such as C, C++ and/or Rust.
• Experience in auditing implementations of cryptographic algorithms to identify security issues
• A willingness to lead by example and participate actively in the workload
• Excellent English verbal and written communication and presentation skills
• Maintains a positive attitude and quickly adapts to change
• Passionate about information security
• Participation in security-focused communities, open-source development, and intel sharing communities is a plus.
• Proficiency with development in CUDA
• Advanced degree in a technical field (Computer Science, Electrical Engineering, Math, Physics, etc.)
• Track record of advancing offensive security research field through vulnerability discoveries, research publications, and/or developing security tools