Flag: Tornado! Hurricane!

 Forums >>  Job Openings  >>  Career: Reverse Engineer / Malware Research Cyber Security Specialist

Topic created on: February 21, 2012 10:54 CST by pedram .

Reverse Engineer / Malware Research Cyber Security Specialist
Select Precision - Global Bank - Frankfurt Am Main Area, Germany
Job Description

The Reverse Engineer/Malware Cyber Security Consultant is responsible to protect the IT-systems of the bank against all kind of threats from cyber attacks, internal fraud, and all kind of organized crime . The scope of this division is covering not only IT Infrastructure , but is including the application space. Here lies responsibility for Architecture and Operations as well as for the development and ownership of Common Security Solutions to be used by all of Global Technology.

The IT Security Specialist will be responsible for in depth analysis of IT threats against the Global bank who are one of the world's leading financial service providers.

This responsibility includes performing fast malware reversing analysis in order to bring hard technical facts during incident response phases, as well as longer term projects regarding penetration testing engagements on key assets.

The IT Security Specialist will have to work closely with a team of subject matter experts, from different areas. This can include Security Incident Management, Security Problem Management and Security Architecture teams, as well as groups outside the security space like Engineering or End-user Services. Hence the required excellent communication skills.

Tasks / Responsibilities:
- Design and perform external and internal penetration tests in order to expose potential vulnerabilities of key assets. Explain in a comprehensive manner the strategies and actions which lead to the compromise, as well as potential remediation and state of the art practices.
- Support Security Incident Management team on analysis and remediation of an active incident.
- Perform malware analysis (static and dynamic reverse engineering) from potentially compromised systems in support of incident analysis and response. Analyze network and application logs in coordination with malware analysis.
- Perform cyber threat counter intelligence by identifying intelligence sources, enhancing search methods for intelligence and communicating implications on cyber threats to technical and non-technical audiences.

The team are building a group within the so called IntelligenceTeam which aim is primarily to focus on technical aspect to enhance the bank's security.

We are in the process to build a lab to perform the following actions:

- Malware forensic and research
- Incident response regarding malcodes
- Assistance and internal technical consulting to other teams
- Vulndev and development of penetration testing scenarios
- Help in the selection and audit of security products

We search a self learning person, whom like to work with close groups on the inner details of technology.
This person also has to be able to present his research to the higher management, if the opportunity presents itself.

We look for strong penetration testing and reverse engineering skills, on different environments and if possible architectures.

Desired Skills & Experience

Experience | Exposure (Recommended):

- Excellent analytical skills to evaluate problem, root cause and resolution
- Experience in translation of very complex topics in clear and crisp messages/ visions
- Knowledge of market leader penetrating test tools such as Metasploit, Immunity Canvas or Core SDI IMPACT, of penetration testing methodologies like OSSTMM and experience in structuring a penetration test, identifying vulnerabilities and evaluate the impact of a potential exploitation on the targeted system. Driving exploitation while understanding and evaluating the risk.
- Knowledge of low level computer architecture ie low level system and network programming for Unix/Windows as well as basic administration skills of a Linux system, for network and virtualization
-  Understanding and ability to explain the traditional vulnerability classes we can find in modern software, exploitation methods knowhow
- Experience in disassembling software in MS Windows environment

Knowledge of x86 and x86_64 assembly required, arm and/or mips would be a plus

Experience in forensic analysis using forensic tools (e.g., EnCase, FTK, or similar) background in cyber threat trends (preferred)

Knowledge of higher level languages such as C/C++, Java, VB and at least one scripting language such as Python or Ruby

Experience of software such as IDA for static analysis, scripting skills required and of at least one of the following debuggers: WinDBG, OllyDBG, ImmDbg

Knowledge of Windows kernel components would be a plus

At least basic knowledge of malware code packing, obfuscation and anti-debugging is required

Experience in forensic analysis using forensic tools (e.g., EnCase, FTK, or similar) background in cyber threat trends (preferred)

Strong teamplayer, fluent in English (written/verbal), well proven influencing skills in a multi-cultural and globally matrixed organizations is required

Education | Certification (Recommended)
- Masters Degree from an accredited college or university or equivalent
- CISSP (Certified Information Systems Security Professional) or equivalent
- CISA (Certified Information Systems Auditor) or equivalent
- Certified Ethical Hacker

Location: Frankfurt OR NYC - Visa status must be confirmed for suited location.
Corporate Title:VP

Company Description
The company is a leading global investment bank with strong private clients, offering unparalleled financial services throughout the world. A leader in Germany and Europe, NYC, the bank is continuously growing in North America, Asia and key emerging markets and is the most sought after and prestigious brand in the Financial Services and Banking industry. The firm attracts and retains some of the world's most talented employees in the industry, enhancing the strengths with further training development and career progression and succession planning.

Please contact sofy [at] selectprecision [dot] com to discuss further.

No posts found under this topic.

There are 30,780 total registered users.


Recently Created Topics
How to produce separ...
Sep/20
How to decompile a f...
Sep/16
How to trap mouse cl...
Sep/03
Intel pin in loaded ...
Jun/27
Going to do today wi...
Jun/27
how to create delphi...
Jun/27
enabling menu in a s...
Jun/18
How to get the Image...
Jun/17
OllyDBG Process Term...
Apr/28
Reversing opcode
Apr/24


Recent Forum Posts
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
OOP_RE tool available?
van7hu
Should binaries be n...
Kolisar
Problem with ollydbg
nullx42
!findtrampoline Immu...
skycrack
looking for a softwa...
raxen
Documenting reversed...
raxen
.orpc section what's...
mbin
Pydbg load() issue
phreak


Recent Blog Entries
oleavr
Aug/27
CryptoShark: code tracer ba...

oleavr
Jun/25
Build a debugger in 5 minutes

oleavr
Apr/17
frida.re 1.2.0 is out, with...

gareebnavas
Jan/21
Android Malware Analysis

oleavr
Dec/21
frida.github.io: scriptable...

More ...


Recent Blog Comments
pedram on:
Dec/21
frida.github.io: scriptable...

capadleman on:
Jun/19
Using NtCreateThreadEx for ...

newlulu on:
Jun/10
Branch tracing and LBR acce...

newlulu on:
Jun/10
Advanced debugging techniques

newlulu on:
Jun/10
2 anti-trace mechanisms spe...

More ...


Imagery
SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit