5 Yara Jobs

The C3iHub at IIT Kanpur is in search of a highly motivated and skilled Malware Analysis Researcher to join the cybersecurity research team. As a Malware Analysis Researcher, you will be responsible for conducting static and dynamic analysis of various malware samples, including formats like PE, PDF, ELF, and APK. Automation of analysis tasks using scripting tools such as Python, Bash, or others will be a key aspect of the role. You will also be involved in setting up and maintaining sandbox environments for behavior monitoring and analyzing packed, encrypted, or obfuscated malware through reverse engineering techniques. Additionally, the ideal candidate will have experience in utilizing and contributing to open-source tools like YARA, Volatility, Ghidra, and Radare2. Curating and labeling malware datasets for machine learning pipelines, conducting source code analysis using SAST and DAST tools, and authoring technical documentation are also part of the responsibilities. Furthermore, collaborating with internal teams on threat research, detection model tuning, and proof of concept development will be essential. Occasional travel within India may be required for project-related meetings, demonstrations, or coordination. To be eligible for this position, candidates must hold a Master's degree in Computer Science, Information Security, or a related field, along with at least 2 years of hands-on experience in malware analysis or reverse engineering. Proficiency in scripting languages like Python and Bash, familiarity with threat analysis tools, and a strong understanding of malware behavior, file formats, and analysis techniques are necessary qualifications. Preferred qualifications for the role include specialization in Cybersecurity or Information Security, experience with tools such as IDA Pro, Ghidra, Wireshark, or Sysmon, exposure to ML/AI-based malware classification projects, and research publications in reputable cybersecurity journals or conferences. The successful candidate should be prepared to travel across the country for project execution and monitoring, as well as for coordination with geographically distributed teams. Interested applicants are required to submit a cover letter summarizing their experience in relevant technologies and software, along with a resume and the latest passport-size photograph.,

We are seeking a Threat Researcher to join our Threat Research team and contribute to the identification of cyber threats, code dissection, and malware reverse engineering. As a Threat Researcher, you will be responsible for conducting research semi-autonomously, generating concise written analyses and visual presentations of findings, and collaborating with clients to deliver innovative detection and eradication solutions to mitigate risks to their networks and operations. The ideal candidate should exhibit technical expertise and a proactive mindset to understand and meet company and customer requirements effectively. Your responsibilities will include: - Analyzing malicious software to discover new techniques and potential targets for client intelligence requirements - Conducting Threat Hunting exercises using telemetry data - Documenting attack capabilities, understanding propagation characteristics, and defining detection signatures - Independently conducting data collection, developing solutions, and supporting intelligence production as per standard operating procedures - Analyzing malware to determine attack techniques and targets - Writing sigma rules for identified malware samples Key requirements for this role include: - A Bachelor's or Master's degree in Computer Science or a related field - Previous experience in threat research with a focus on malware analysis - Demonstrated expertise in advanced reverse engineering of file-based threats, exploits, and attack techniques - Familiarity with using the Pyramid of Pain alongside MITRE's ATT&CK Framework for developing threat hunting hypotheses - Knowledge of Advanced Persistent Threat (APT) tactics and targeted attacks - Strong understanding of mitigation strategies like Suricata, Snort, and YARA signatures - Proficiency in structured programming principles to disassemble code effectively - Expertise in at least one major Operating System to dissect behavior-based systems - Familiarity with malware-based automation workflows and techniques - Basic programming and scripting skills (e.g., .NET, Perl, Java, or Python) This position is based in Hyderabad, India, and requires a minimum of 2 years of relevant experience. It is a full-time role that offers the opportunity to work on challenging projects in the field of threat research and cybersecurity.,

ZHARNYX Cyber Defense Skill Challenge (Not a Job | No Fees | No Certs) LEGAL DISCLAIMER: ZHARNYX is a community initiative run by cybersecurity engineers. This is not a company , not a job offer, and not affiliated with any institute. There is no money involved no payments required, and no payments offered. What Is ZHARNYX ZHARNYX is Indias first elite Blue Team learning tribe built by real SOC engineers. We help serious learners skip the fluff , forget the "cert game", and build real skills that matter in ?1020 LPA cybersecurity roles. Who Can Join Youve done a course (Greens, SkillUp, Udemy, etc.) but dont feel job-ready You want to work on real-world security tools and attacks You care more about skill-building than collecting certificates Youre tired of "learning alone" and want a serious community to grow with You want daily growth , not classroom theory What We Dont Do ? No salary / stipend ? No certificate ? No fake guarantees ? No guru lectures ? No money will ever be asked this is 100% free and skill-based What Youll Get Learn top tools: Splunk, Wireshark, CyberChef, Volatility, YARA, etc. Hands-on log challenges + real-world cyber incidents Build features for our own AI-powered SOC project (AegisX) Real-time support from solo cybersecurity engineers Become a recognized ZHARNYX warrior (publicly credited for your skills) Final Note This is a community-based learning opportunity . We are not a registered company We will never ask you for money We dont offer jobs or certificates We exist only to help serious defenders grow, build, and get job-ready If you&aposre truly ready to stop watching and start doing ZHARNYX is waiting. Show more Show less

Key Responsibilities: Develop, test, and maintain detection use cases across SIEM, EDR, NDR, and cloud security platforms. Proactively hunt for threats using behavioral analytics and threat intelligence feeds. Write detection rules (e.g., Sigma, KQL, SPL, YARA, Snort), based on MITRE ATT&CK and emerging threat techniques. Analyze security logs and telemetry to identify malicious activity and suspicious patterns. Collaborate with the SOC, incident response, and threat intel teams to build a proactive defense model. Stay up to date on cyber threat landscape and contribute to improving detection strategies. Work with automation tools (SOAR) to respond to threats and improve detection-response cycles. Key Skills Required: Strong knowledge of threat detection methodologies, malware behavior, and attack techniques Hands-on experience with SIEM tools (e.g., Splunk, Sentinel, QRadar, Elastic) Proficiency in writing detection logic using KQL, SPL, Sigma, or custom rule languages Familiarity with MITRE ATT&CK, threat intelligence feeds, and IOC correlation Experience with log parsing, network forensics, and endpoint telemetry Scripting knowledge (Python, PowerShell, or Bash) for automating detection and analysis tasks Understanding of cloud security (AWS, Azure, GCP) and detection engineering in cloud-native environments is a plus

Job description Job Title : Security Researcher EDR. Role Overview: We are looking for a skilled EDR Security Researcher. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities by identifying detection coverage gaps and developing signatures to address these gaps effectively. About The Role : Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols. Author detection rules for behavior-based detection engines. Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience. Write generic threat detections based on static and dynamic detection engines. Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework. Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset. Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives). Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection. Develop alerting, reporting, and automated detection solutions. Build tools and automation to improve productivity. About You: 3+ years of experience writing detection using Snort, Yara, Sandbox, or proprietary detection engines. 2+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools. 2+ years of experience querying and analyzing (for malware/TTPs) large datasets. Experience in programming or scripting languages (e g, Python, PowerShell). Experience in utilizing various malware analysis tools and frameworks (e g, IDA Pro). Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS. Excellent verbal and written communication skills in English. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans. Medical, Dental and Vision Coverage. Paid Time Off. Paid Parental Leave. Support for Community Involvement. We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.