Information Technology Vancouver, BC, Canada
SophosLabs is recruiting a Senior Threat Researcher to join our Dynamic Protection Team – the global team of highly skilled security experts that deliver zero-day protection against Windows malware.
As a member of the Dynamic Protection Team, you will leverage your deep understanding of the Windows platform to develop proactive protection against prevalent malware families and common attack vectors. Strong reverse engineering and debugging skills will help you develop behavioral and memory-based detections that are immune to modern malware obfuscation tactics. Additionally, your detailed understanding of web technologies, Internet applications and network protocols will be key in contributing protection measures against common malware attack vectors, such as drive-by downloads and command & control channels.
You will also drive research and data mining initiatives to discover new threats and opportunities to improve protection. In addition, you will liaise with product teams to share key evolutions in the threat landscape to support the development of new protection features.
The Dynamic Protection Team has members across the multiple locations that make up the global SophosLabs organization. You will work with local and remote security researchers across multiple teams to analyze, classify and create protection for malware.
The successful candidate has extensive knowledge of Windows internals, is fluent in assembly, and has a knack for getting to the bottom of any issue. You enjoy thinking creatively, combining your deep technical knowledge, your tenacity for innovation, and your can-do attitude to solve complex and challenging problems on a daily basis.
- Develop behavioral & memory-based detection for prevalent malware families
- Produce in-depth analysis of malware families and malicious techniques
- Investigate & write remediation procedures for infected machines
- Consult with development teams to enhance protection capabilities in Sophos products
- Publish research on malware families or tactics in blogs, whitepapers or conference proceedings
- Contribute to the development of in-house analysis tools and automated systems
Experience And Skills
- 5+ years in the computer security field
- Expert-level debugging, OllyDbg or WinDbg
- Detailed knowledge of Windows internals, process kernel-level analysis
- BSc in Computer Science (or equivalent), MSc a plus
Sophos Canada offers a comprehensive total compensation package including vacation, sick days, BC MSP coverage, extended health coverage (which includes medical, dental and vision care), and RRSP matching.