Senior Analyst (Reverse Engineering) – Remote
If you have an interest or background in using real world Advanced Persistent Threat (APT) intelligence to solve complex technical problems, then we want to hear from you! Our Special Programs and Innovation (SPI) Team focuses on applying technical expertise to allow our customers to better utilize our data, and to create new and innovative ways for Mandiant to collect Threat Intelligence. One of SPI’s critical projects is our adversary emulation solution, which focuses on synthesizing Mandiant’s intelligence to build industry-leading scenarios, replicating adversary behavior for use by Red Teams and Cyber Trainers.
The goal of this project is to gain an understanding of Mandiant’s intelligence and incident responses processes, and then apply engineering and malware analysis skills to create scenarios emulating adversaries from APT, FIN, or other groups.
What You Will Do:
- Analyze executables and malicious files, model and report on their behavior
- Develop and maintain low level applications and operating system software related to host-based personal security tools
- Collaborate with a team of experienced malware analysts and researchers
- Develop novel solutions to challenges facing incident responders and network defenders
- Support the company’s research and development efforts via applied research efforts
- 7+ years of software development experience
- Ability to analyze disassembly of x86 and x64 binaries
- Knowledgeable in the use of:
- Common binary file formats
- Dynamic analysis tools
- Minimum 5+ years of experience in RE, Ability to reverse engineer binaries of various types including:
- Experience developing applications in C and Python, GO, or any other object-oriented programming language
- Understanding of software exploits
- Experience developing scripts to decode obfuscated data and network communications
- Thorough understanding of network protocols
- Experience mitigating anti-reverse engineering techniques
- Ability to analyze shellcode
- Ability to analyze packed and obfuscated code
- Capable of Python scripting to automate analysis tasks
- Capable of identifying host- and network-based indicators
- Ability to reverse engineer binaries of various types including:
- Compiled VBScript
- Knowledgeable in the use of:
- Kernel-mode debuggers
- Network analysis tools
As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire. At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
This is a regionally-based role that must be located on the East Coast.