Job Title:
Security Researcher
Role Overview:
This role requires the candidate to provide Clean File / Allow List content categorization and analysis. We are seeking an enthusiastic Allow List Researcher to join our growing organization. Our global ARC Threat Research organization works in the areas of malware research, response, Threat Intelligence and system Engineering and development. As part of this role you will be expected to learn the ins-and-outs of our clean file categorisation procedures, source clean files and develop automation for automated classification, resolve false detections, and ensure minimal false detection rates for ENS and other products. Additionally, you will help to develop automation and author content which will help fight the bad guys.
About the role :
-
Perform Researcher level analysis and categorization of non-malicious files
-
Perform Researcher level analysis and categorization of Potentially Unwanted Programs PUPs
-
Well versed with authoring content signatures.
-
Author Whitepapers and threat research blogs.
-
Improve our sources of clean files
-
Resolve false positive detections on non-malicious files
-
Resolve false positive detections and categorize files submitted by the Trellix Get Clean application
-
Analyze digital certificates and classify accordingly
-
Develop and improve automation for processing bulk samples
-
Resolve 3rd party vendor escalations
-
Resolve Gateway Anti-Malware false positive detections
-
Develop customer clean file submission programs
-
Proactively classify files to prevent detection
-
Write Crawler scripts.
-
Automate daily operational tasks
-
Take responsibility for updating skills and technical growth
-
Interact effectively with other team members, actively support both team and company direction
-
Able to effectively multi-task, accepting changing direction in a fast-moving threat landscape
About you :
-
Degree Level Computing Qualification or equivalent with 2+ years demonstrated experience.
-
Ideally you will have previous experience in a Security Research / Content Categorization related role
-
You should have experience in Python, C/C++, GenAI or other similar programming languages.
-
You should have experience of various malware analysis tools, and be able to determine if a file is clean, malicious or a Potentially Unwanted Program
-
You should have knowledge of Windows OS internals - memory, threads, processes, API, etc.
-
You should have knowledge of Networking protocols and experience with network traffic analysis tools (Wireshark, Fiddler).
-
You should have excellent problem-solving skills, fast learner, self-motivated to take initiatives with focus on achieving results in timely manner.
-
Ability to positively adapt to changes and multitasking in a fast-moving industry
-
Willingness to work flexible hours when required
