OpenRCE

📚 OpenRCE is preserved as a read-only archive. Launched at RECon Montreal in 2005. Registration and posting are disabled.

About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Users What's New

Customize Theme

Flag: Tornado! Hurricane!

Created: Monday, October 26 2009 08:31.50 CDT

Direct Link, View / Make / Edit Comments

Job Opening- Botnet/Malware Research Analyst

Author:

Rfreedman

# Views: 4364

Positions Available- Threat Analyst or Sr Research Analyst
(Threat Analyst is more data mining and scripting. Research Analyst is more Reverse Engineering)
Company- Malware/Botnet Research
Location- Atlanta, GA
Relocation- Required

Collaborating with the marketing and engineering teams, the Senior Research Analyst will typically need to design and construct analysis tools that automate the extraction of botnet intelligence and make it available to the company's other technologies and its knowledgebase as well as responding to ad-hoc requests for malware analysis driven by business and client needs to determine characteristics, functionality, and/or recommend countermeasures.

The position may entail interaction with the media following the successful outcome of directed research or response activities.

Responsibilities:
� Independent threat analysis and data mining of new botnet instances
� Research in to new methods for detecting and reporting botnet activities
� Dissection of new botnet samples and the automation of sample processing
� Investigation of new botnet command and control tactics and subsequent enumeration of botnet operators
� Focused analysis of botnet outbreaks within enterprise and ISP networks
� Contribution to research and commercial papers describing the evolving botnet threat

Skills & Experience:
� Experience as a security engineer, threat intelligence analyst, or similar senior technical role
� Extensive knowledge of tracing and debugging Windows processes in the context of malware reverse engineering
� Proficiency with C/C++ programming and x86 assembly /disassembly
� Deep understanding of network flow data analysis, deep packet inspection and network behaviors of malicious software
� Comprehensive knowledge of anti-debugging and anti-instrumentation techniques
� Familiarity with packing and anti-reverse engineering techniques, including data obfuscations that employ primitive or basic cryptography
� Ability to troll underground Internet forums and criminal sites/portals for new botnet intelligence

Rian Freedman

Xpect SVC, LLC

404-522-8889 | LOCAL
888-973-2887 | TOLL
404-520-8081 | CELL
404-393-0862 | FAX
[email protected]
www.xpectsvc.com

Archived Entries for Rfreedman

Subject	# Views	Created On
No archived blog entries found.

There are 31,328 total registered users.

Recently Created Topics
[help] Unpacking VMP...	Mar/12
Reverse Engineering ...	Jul/06
let 'IDAPython' impo...	Sep/24
set 'IDAPython' as t...	Sep/24
GuessType return une...	Sep/20
About retrieving the...	Sep/07
How to find specific...	Aug/15
How to get data depe...	Jul/07
Identify RVA data in...	May/06
Question about memor...	Dec/12

Recent Forum Posts
Finding the procedur...	rolEYder
Question about debbu...	rolEYder
Identify RVA data in...	sohlow
let 'IDAPython' impo...	sohlow
How to find specific...	hackgreti
Problem with ollydbg	sh3dow
How can I write olly...	sh3dow
New LoadMAP plugin v...	mefisto...
Intel pin in loaded ...	djnemo
OOP_RE tool available?	Bl4ckm4n

Recent Blog Entries
	halsten	Mar/14
Breaking IonCUBE VM
	oleavr	Oct/24
Anatomy of a code tracer
	hasherezade	Sep/24
IAT Patcher - new tool for ...
	oleavr	Aug/27
CryptoShark: code tracer ba...
	oleavr	Jun/25
Build a debugger in 5 minutes
More ...

Recent Blog Comments
	nieo on:	Mar/22
IAT Patcher - new tool for ...
	djnemo on:	Nov/17
Kernel debugger vs user mod...
	acel on:	Nov/14
Kernel debugger vs user mod...
	pedram on:	Dec/21
frida.github.io: scriptable...
	capadleman on:	Jun/19
Using NtCreateThreadEx for ...
More ...

Imagery

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit