Morphisec’s malware research team is seeking mid-level to senior candidates to join as threat hunters and analysts. The malware research team is responsible for quarterly threat reports, investigation of top evasive malware identified on customer sites, identifying new trends and recommendations for the best way forward. Our analysts are also responsible for company training sessions, authoring topical blog posts and responding to media opportunities.
Successful candidates will have excellent technical skills, impeccable soft skills, and be well-organized, self-directed individuals with experience working for a service-based information security consultancy. Previous cyber blogging experience is an advantage but not a requirement.
The position will be located in Boston, MA, at Morphisec’s offices near South Station.
- Conduct large-scale investigations and examine endpoint and network-based sources of evidence.
- Conduct host forensics, network forensics, log analysis, and malware triage in support of hunt operations.
- Build scripts, tools, or methodologies to enhance hunting/investigation processes.
- Serve as subject matter expert (SME) in one of the following areas: network, forensics, log analysis, and malware triage
- Train others on the use of forensic and incident response techniques and tools
- Interface with client contact(s) and staff in a constructive and professional manner
- Utilize common forensic and incident response tools
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
- Assist with scoping prospective engagements, participating in investigations from kickoff through remediation, and mentoring less experienced staff.
- 3+ years of previous experience in hunting threats, including reversing and debugging malware
- Ability to work within a team to conduct a Compromise Assessment for the full project lifecycle.
- Ability to communicate effectively with customers, team members and upper management for project delivery
- Demonstrable aptitude for technical writing, including assessment reports, presentations and operating procedures
- Strong understanding of Windows internals
- Understanding of security principles, policies, and industry best practices
- Ability to travel 15% on a continuous basis
ABOVE AND BEYOND:
- 5+ years of previous experience in hunting threats, including reversing and debugging malware
- Public community contributions (conference presentations, blog posts, white papers, public tool development, etc.)
- Strong experience in technical writing