TO APPLY FOR THIS JOB, PLEASE CLICK ON THE LINK: //jobs.lever.co/anomali/c80b50a7-4e33-47ee-93ea-222171fc919b
Anomali delivers earlier detection and identification of adversaries in your organization’s network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before any material damage to your organization has occurred.
The research team at Anomali is responsible for conducting research and rapid prototyping to push the limits of security threat research. We are looking for a new graduate who is passionate about tracking advanced adversaries, both nation-state and cyber crime actors. You will publish your work as reports or blog posts for both public and private consumption. You will work closely with our exceptional engineers and data scientists to drive new and exciting developments around the collection and application of Threat Intelligence. You will work to enhance security tradecraft to identify threats before the adversaries have a strong foothold in organizations.
o Intermediate scripting in Python or other scripting language to enable threat research, malware analysis, or other security-related tasks
o Document findings and develop signatures that can be used to detect malware
o Examine suspicious or malicious software to determine how it interacts with the environment
o Present data at technical summits, trade shows, and other technical venues
o Reverse engineer known and unknown samples to identify application behavior and characteristics
o Stay abreast of the latest threats, vectors, and tools
o Ability to create, modify, and implement both Snort and YARA signatures
o Bachelor's degree in computer science, information systems, or cyber security
o Basic understanding of Windows and *nix O/S Kernels
o Basic understanding of remote command and control mechanisms
o Basic knowledge of malware analysis and reverse engineering not required, but desired
o Experience in x86 and/or Embedded Architecture Assembly
o Experience in C/C++ and Python
o Experience with Hypervisors and techniques used to detect virtualized environments
o Experience with acquiring and analyzing packet captures
o Experience with enterprise routing and switching not required, but desired
o Knowledge of Fuzzers and techniques used to develop exploits
o SANS, CEH, or other certifications not required, but desirable
o New grads are welcome to apply
o Competitive salary
o Private Healthcare Plan
o Dental Plan
o Optical Plan
o Paid Public Holidays
o Accrued Paid Time Off – 25 days
o Quarterly event with your Geographic Team
Equal Opportunities Monitoring
It is our policy to ensure that all eligible persons have equal opportunity for employment and advancement on the basis of their ability, qualifications and aptitude. We select those suitable for appointment solely on the basis of merit without regard to an individual’s disability, race, religion, sex, age or sexual orientation. Monitoring is carried out to ensure that our equal opportunity policy is effectively implemented.