Chercheur senior en logiciels malveillants / Senior Malware Researcher

Qualifications

We are looking for a Senior Malware Researcher to join our Montréal team, a part of ESET Research.

ESET Research is a team of 30+ researchers all over the world who analyze, and intend to disrupt, the most complex cyber-espionage and cybercrime operations. By leveraging ESET technologies, we have first-hand visibility, every single day, on highly complex attacks.

As a Senior Malware researcher you will track, analyse and document cyber-espionage and cyber-sabotage operations. You will be involved in all phases of such investigations: from threat hunting, to malware analysis, to sharing your findings both publicly on ESET’s blog and international conferences and privately in our threat intelligence reports and at closed-doors events.

A Senior Malware Researcher has significant experience not only with the analysis and study of malicious code, but also with tracking the network infrastructure, tactics, techniques, and procedures used by attackers to quickly identify relationships and similarities between seemingly unrelated cases. They can attribute campaigns to known or unknown threat groups.

Qualifications

Required skills

1. 5 years of experience in reverse-engineering x86/x64 binaries (static and dynamic analysis) and ability to use common reverse engineering tools
2. We will also consider candidates without reverse-engineering skills but with a strong experience in cyber threat intelligence (5+ years)
3. Knowledge in network analysis (PCAPs) and cryptography (basics)
4. Ability to write YARA and SNORT rules
5. Ability to write scripts in Python (or equivalent)
6. Experience in tracking malicious network infrastructure
7. Experience in clustering malware samples, campaigns and threat actors
8. Experience in threat hunting
9. Experience using threat intel platforms such as VirusTotal and Shodan/Censys
10. Familiarity with cyber-espionage threat actors (APTs).
11. Expertise in threat intelligence analysis, including cyber-incident attribution.
12. Knowledge of the MITRE ATT&CK framework.
13. Written and spoken English communication skills (minimum level B2, job requires to write global reports, papers, present at conferences and communicate with other ESET Research colleagues)
14. Autonomous and team player

Desired skills

1. 5+ years of experience as a malware analyst/malware researcher/threat researcher/threat intelligence analyst
2. Experience in host-based forensics
3. Experience using Kibana
4. Experience using MISP
5. Familiarity with attribution frameworks such as the diamond model or the Kill Chain
6. Knowledge of the geopolitical context the threats actors operate in
7. Excellent communications and presentations skills

In return, we offer you

• Casual, friendly and open culture with no dress code
• Multicultural work environment
• Team activities and company events (team buildings, 5@7)
• Physical activity contribution
• Opportunities to attend various trainings, courses, conferences or meetups
• Other benefits and perks (financial and non-financial)

Bureau

• Group private insurance plan
• Group retirement savings plan
• Physical activity program
• Interior bike racks and bike sharing program
• Home office
• Extra days off

Office

• Refreshments in office (fruit, snacks, drinks & coffee)
• Breakfast
• Teambuilding activities
• Common lounge ("Living room") with PlayStation, ping-pong and foosball tables
• Christmas activities

Other

• LinkedIn Learning/ Udemi
• Friend referral
• Christmas gifts

Emplacement principal / Primary location

Montreal