Senior Threat Researcher
@Bit9 + Carbon Black in Waltham, MA
Bit9 + Carbon Black is investing significantly in its Threat Intelligence team and is looking for the very best Threat Researchers in the industry. If you enjoy demasking cyber criminals by uncovering their name, address, and Facebook account; or love ripping apart the newest malware to see what novel techniques it uses to hide; or the terms "DEP", "ASLR", and "ROP chain" make your ears perk up - we want to talk to you!
As the leader in the next generation endpoint arena, Bit9 + Carbon Black has one of the most extensive endpoint data sets around. As a Threat Researcher within our Threat Intelligence (TI) Team, you will have the opportunity to dig through mountains of real world data to help build a massively scalable, automatically updating Threat Intelligence Ecosystem. If you enjoy researching anomalies to uncover new threat actor groups, tools, and techniques, then you've come to the right place.
In addition to the research you'll be doing with our data set, you'll also be responsible for:
- Sharing data and expertise with private and public communities
- Creating custom rules for dissemination into the Bit9 + Carbon Black product suite
- Proposing and prototyping new features and functionality into the Bit9 + Carbon Black product suite
- Researching new vulnerabilities, exploits, and mitigations
As such, it is expected that the Threat Research team provides significant leadership and subject matter expertise both internally and externally. Qualified candidates will have prior experience in forensics, incident response, threat research, NIPS/NIDS, HIPS/HIDS, or related areas of information security.
General knowledge
- Ability to read x86 assembly code
- Reverse-engineering (Disassemblers, IDA, OllyDbg, or similar)
- Basic understanding of IP packets and networking protocols such as TCP, HTTP, SSL
- Basic understanding of PKI
- Familiarity with windbg
- Driver development and familiarity with OS kernel concepts
- Binary analysis (static or dynamic)
- Static checkers, formal validation, or lightweight formal methods
- Familiarity with implementation of virtual machine and hypervisor technology
- Experience with some pen testing framework (Metasploit, Immunity, Canvas, or similar)
Windows (families: XP through Windows 7)
C or C++
One or more scripting languages (Python, Ruby, Perl, shell, ...)
Multi-threaded programming techniques
Socket programming
We are building out the team now. Our initial Threat Intelligence Team hires will be instrumental in shaping the organization and offerings from day one. Our emphasis at this point is to get great people on board and leverage their strengths as opposed to trying to fill narrowly defined roles. We want the right DNA!
If you feel your interest and industry expertise map up, let's talk! We want to hear all about what you have done and what could be on deck for you next. Some Background on Bit9 + Carbon Black: www.bit9.com
Bit9 + Carbon Black protects the world's intellectual property (IP) by providing innovative, trust-based security solutions to detect and prevent sophisticated cyber threats. The world's leading brands rely on Bit9 + Carbon Black's award-winning Advanced Threat Protection Platform for endpoint protection and server security.
The company's global customers come from a wide variety of industries, including e-commerce, financial services, government, healthcare, retail, technology and utilities. Bit9 + Carbon Black was founded on a prestigious United States federal research grant from the National Institute of Standards and Technology - Advanced Technology Program (NIST ATP) to conduct the research that is now at the core of the company's solutions.