Senior Cyber Security Researcher

With 1,000 employees, over $250M in sales, 1,500+ clients, and rapid year-over-year growth, Recorded Future is the world’s most advanced, and largest, intelligence company!

Senior Cyber Security Researcher/Reverse Engineer, Reverse Engineering Team

Reverse Engineering Team (RET), Insikt Group, Recorded Future

Washington, D.C., Boston, M.A., London, UK, Remote

This Role: 

The Reverse Engineering Team (RET) is a subteam of Insikt Group’s Advanced Reversing, Malware, Operations, and Reconnaissance (ARMOR) team. We are looking for a technical threat researcher specializing in malware analysis to assist in the research of various APT and cybercrime activities. Day-to-day responsibilities will include the analysis of malicious tools, writing configuration extractors, infrastructure profiling, research lead generation, and writing high-quality intelligence assessments. This role also supports the creation of finished intelligence reports on topics such as malware and offensive security tooling, vulnerabilities, cloud security, and TTP trends. Previous research experience is required. 

What You’ll Do: 

  • Reverse engineer malware, including APT tools and Crimeware.
  • Develop network and host-based detection rules (YARA, SNORT, and Sigma) to detect APT and cybercriminal campaigns in line with Insikt’s research goals.
  • Develop tools and methods to identify both commodity and custom malware using retro hunting and advanced detection techniques.
  • Support other threat intelligence analysts by analyzing malware from advanced threat actors to develop leads and insights into actor infrastructure, tooling, and targeting.
  • Publish research on novel threats.
  • Collaborate with a team of highly skilled analysts with expertise across many areas of cybersecurity and threat intelligence.
  • Stay on top of developments within the malware and malware analysis landscape, tracking key developments by following publications, blogs, and mailing lists.
  • Scope, author, review, and deliver finished intelligence reports that address clients’ priority intelligence requirements (PIRs) across a broad range of cyber threat activity topics.

What You’ll Bring (Required):

  • Experience with static and dynamic malware analysis of Windows binaries, using tools such as Ghidra, IDA Pro, x64dbg, dnSpy and Wireshark
  • Experience writing network and endpoint signature detections using YARA, Sigma, and SNORT
  • Experience scripting in Python, Go, PowerShell, or Bash
  • Knowledge of Windows operating system internals and the Windows API
  • Knowledge of TCP/IP and other networking protocols
  • Ability to convey complex technical and non-technical concepts in verbal products and excellent writing skills
  • Proficiency conducting threat hunting, malware analysis, and reverse engineering for Windows, macOS, or Linux

Highly Desirable Skills/Experience (not required):

  • BA/BS or MA/MS degree; or equivalent experience in Computer Science, Information Security, Cybersecurity, or a related field.
  • 7+ years of experience in static and dynamic malware analysis
  • 7+ years of experience in network analysis tools
  • Programming experience in C, C++ or Java
  • Experience with mobile malware analysis
  • Experience with multiple architectures (x86, ARM, MIPS, etc.)
  • Experience in the deobfuscation of malware, analysis of packers, malware decryption techniques or cryptography
  • Experience managing small projects and processes
  • Experience working and communicating directly with clients

Why should you join Recorded Future?

Recorded Future employees (or “Futurists”) represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.8-star user rating from Gartner and 8 of the top 10 Fortune 100 companies as clients.

Want more info?

  • Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
  • Instagram & Twitter: What’s happening at Recorded Future
  • The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
  • Timeline: History of Recorded Future
  • Recognition: Check out our awards and announcements

We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles. By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.

If you need any accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to our recruiting team at [email protected]

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.

Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.
