Principal Threat Researcher

Job Description

Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India. About the Job: Cyderes Threat Fusion Team is looking for a highly skilled threat researcher to conduct malware research in support of global security operations. This team will support multiple groups within the company, to include Threat Intelligence, Threat Hunting, DFIR, and MDR, with expert malware research services. The malware research team will also be responsible for tracking malware families, creating and updating kill chains, reverse engineering, and tracking nation-state threat actor activity. In addition, they will create hunting queries and conduct hunting operations in client environments. Other duties for this team include: Responsibilities: Function as a centralized malware reversing team for the companys needs. (support DFIR, Hunters, MDR, etc.) Track threat actors and campaigns via malware research, code reuse, infrastructure usage, general threat profiling. Create, test, verify efficacy for intel-based threat hunting queries for emerging threats. Create a library of actionable threat briefing that include quick analysis, context, and investigative steps for emerging threats (malware families, zero days, major campaigns) (2-5 page quick hit publications). Create white papers with in-depth threat analysis when threat discoveries warrant deeper dive reporting. Create profiles, kill chains, preferred targets, regions, etc for major threat actors / ransomware families This team will actively conduct global threat hunting for emerging threats. Requirements: 6+ years of hands-on experience in Malware Reverse Engineering Proficiency in researching threat actors and producing intelligence reports Malware reverse engineering expertise across Windows, Linux, and OSX samples. Tools should include IDAPRO, OLLYDBG, and similar. OSINT knowledge, using popular sources to expand understanding of threat groups. Advanced VirusTotal research skills, to include retro hunting and API connections. Knowledge of current ransomware groups and other malware families, to include TTP s, code structure, and typical kill chains. Knowledge of DarkWeb research and investigation using popular tool sets. Advanced investigative skills using popular EDR Tools, such as CrowdStrike, SentinelOne, and Microsoft Defender. Able to craft complex queries in their respective query languages. Skilled in querying and reviewing data in popular SIEMS, such as Splunk and Google Chronicle. Skilled in writing concise, compelling, and actionable intelligence reports in English. Able to lead intelligence briefings with customers in English. Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.