Malware Analyst
Job details
Job description, work day and responsibilities
Job Description – Malware Analyst
A malware analyst examines malicious software, such as bots, worms, and trojans to understand the nature of their threat. This task usually involves reverse-engineering the compiled executable and examining how the program interacts with its environment. The analyst may be asked to document the specimen’s attack capabilities, understand its propagation characteristics, and define signatures for detecting its presence. Reverse engineering capabilities are also considered essential to a successful malware analysis.
Malware analysts are responsible for conducting both dynamic and static analyses of suspicious code in order to establish signatures that indicate its presence. They also determine how such code spreads through systems and develop tools and procedures to detect the code in advance of any infection.
Job responsibilities include:
• Document malware threats and identify procedures to avoid them
• Static and dynamic analyses using tools to identify threats
• Classify malware based on threats and commonalities
• Write alerts to let security personnel know about the latest threats
• Understand tools that identify zero-day cyber threats and work to protect from them
• Participate in research and development of malware protection tools
• Ability to setup collection mechanisms for malware samples (honey pots)
• Ability to setup virtualized environments for malware analysis
Capabilities for Malware Analysis
Fundamentals
• Networking and TCP/IP
• Operating system internals (Windows and Unix)
• Computer security
• Forensics and incident response
• Programming (Assembly, C, C++, Python, and Perl)
• Assemble a toolkit for effective malware analysis
• Examine static properties of suspicious programs
• Perform behavioral analysis of malicious executables
• Perform static and dynamic code analysis of malicious executables
• Contribute insights to the organization's larger incident response effort
Malicious Code Analysis
• Core concepts for analyzing malware at the code level
• x86 Intel assembly language primer for malware analysts
• Identifying key x86 assembly logic structures with a disassembler
• Patterns of common malware characteristics at the Windows API level (DLL injection, function hooking, keylogging, communicating over HTTP, etc.)
In-Depth Malware Analysis
• Recognizing packed malware
• Automated malware unpacking tools and approaches
• Manual unpacking of malware using OllyDbg, process dumping tools and imports-rebuilding utilities
• Intercept network connections in the malware lab
• Interact with malicious websites to examine their nature
• De-obfuscate browser scripts using debuggers and runtime interpreters
• JavaScript analysis complications
Self-Defending Malware
• Bypassing anti-analysis defences
• Recovering concealed malicious code and data
• Unpacking more sophisticated packers to locate the Original Entry Point
• Identifying and disabling methods employed by malware to detect analysts' tools
• Analyzing shellcode to assist with the examination of malicious documents and other artefacts
Malicious Documents and Memory Forensics
• Analyse malicious Microsoft Office (Word, Excel, PowerPoint) documents
• Analyse malicious Adobe PDF documents
• Analyse memory to assess malware characteristics and reconstruct infection artefacts
• Using memory forensics to analyse rootkit infections
Essential Qualifications
2-4 years’ experience as a SOC specialist/Malware analyst
Certifications in Networking, OS, Infosec and languages (C, C++, Perl, Python & Assembly)
Bachelor’s degree in Computer Science
Company address
You will be redirected to another website to apply.
Offer ID: #1086871,
Published: 5 days ago,
Company registered: 5 months ago
