The Intelligence Acquisition Team at Anomali are responsible for conducting research and rapid prototyping to push the limits of security threat research.
Anomali delivers earlier detection and identification of adversaries in your organization’s network by making it possible to correlate tens of millions of threat indicators against your real-time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before any material damage to your organization has occurred.
The research team at Anomali is responsible for conducting research and rapid prototyping to push the limits of security threat research. We are looking for a new team member who is passionate about tracking advanced adversaries, both nation-state and cyber crime actors. You will publish your work as reports or blog posts for both public and private consumption. You will work closely with our exceptional engineers and data scientists to drive new and exciting developments around the collection and application of Threat Intelligence. You will work to enhance security tradecraft to identify threats before the adversaries have a strong foothold in organizations.
o Intermediate scripting in Python or other scripting language to enable threat research, malware analysis, or other security-related tasks
o Document findings and develop signatures that can be used to detect malware
o Examine suspicious or malicious software to determine how it interacts with the environment
o Present data at technical summits, trade shows, and other technical venues
o Reverse engineer known and unknown samples to identify application behavior and characteristics
o Stay abreast of the latest threats, vectors, and tools
o Experience in C/C++, Python, Ruby or other scripting language
o Experience with data collection and manipulation
o Ability to create, modify, and implement both Snort and YARA signatures
o Basic understanding of Windows and *nix O/S Kernels
o Bachelor's degree in computer science, information systems, or cyber security
o Basic knowledge of malware analysis and reverse engineering not required, but desired
o Experience in x86 and/or Embedded Architecture Assembly
o Experience with acquiring and analyzing packet captures
o Basic understanding of remote command and control mechanisms
o Experience with Hypervisors and techniques used to detect virtualized environments
o Experience with enterprise routing and switching
o Knowledge of fuzzers and techniques used to develop exploits
o SANS, CEH, or other certifications
o Competitive salary
o Private Healthcare Plan
o Dental Plan
o Optical Plan
o Paid Public Holidays
o Accrued Paid Time Off – 25 days
o Quarterly event with your Geographic Team
Equal Opportunities Monitoring
It is our policy to ensure that all eligible persons have equal opportunity for employment and advancement on the basis of their ability, qualifications and aptitude. We select those suitable for appointment solely on the basis of merit without regard to an individual’s disability, race, religion, sex, age or sexual orientation. Monitoring is carried out to ensure that our equal opportunity policy is effectively implemented.
If this sounds like the right opportunity for you, click the apply button now for immediate consideration!