SOC Malware Analysis & Reverse Engineering SME

Job Description

Job Title: SOC Malware Analysis Reverse Engineering SME Location: UniOps Bangalore RESPONSIBILITIES The person in this role is expected to generate leads for the Incident Response team for timely threat assessment, containment and response actions. It is expected that the person leads malware analysis and reverse engineering function and coordinates with internal/external cyber investigation teams for enabling effective response. Dissects malware samples to reverse engineer and conduct static and dynamic/behavioral analysis to extract IoCs and determine TTPs to help assess the relevant threat better and potential impact. Utilizes latest and advanced knowledge of relevant malware analysis tools and technologies (such as debuggers, compilers and sandboxes) for analyzing the threats and for supporting investigations. It is expected that the person in this role can leverage specialized knowledge, skill and experience to de-obfuscate and reverse engineer heavily obfuscated and virtualization/sandbox aware samples. Leads malware analysis lab capability building and investigations. The person in this role is expected to effectively integrate and automate relevant capabilities (such as Threat Intel IoCs, EDR, NDR, SIEM, etc) for context enrichment and to enable effective threat assessment at scale and with speed. Ensures that all analysis and investigations are appropriately conducted and documented as per cardinal forensic and operational security principles and organisation s SOPs. KEY REQUIREMENTS MANDATORY Strong ethics, communication and team skills Hands-on experience with Enterprise SIEM (like Splunk, QRadar, Sentinel, etc) and EDR tools (like Microsoft Defender, CrowdStrike Falcon, etc) Hands-on experience with relevant debuggers, compilers and malware analysis tools (like windbg / ollydbg, IDA Pro, ghidra, procmon, wireshark / tshark, fiddler, etc) Hands-on experience in working with yara and sigma rules for threat assessment at scale. Minimum 10 years of enterprise experience in global SOC (Security Operations Centre) operations and minimum 5 years of hands-on malware analysis experience. Working knowledge of at least one of the scripting tools: Python/ Perl/ PowerShell. GIAC Certification GCFA or GREM