Information Technology Vancouver, BC, Canada
SophosLabs is recruiting a Senior Threat Researcher to join our Generic Detection Team - the global team of highly skilled security experts that deliver protection against Windows executable threats and applications.
As a member of the Generic Detection Team, you will leverage your reverse engineering skills and your knowledge of different file formats and compiled languages to develop new techniques for classifying and differentiating suspicious and clean files, and new methods for grouping and detecting executable threats and applications. You will employ unpacking and emulation methods to decrypt and de-obfuscate packed code, allowing us to understand the hidden functionality. You will also drive research and data mining initiatives to discover new threats and opportunities to improve protection. In addition, you will liaise with product teams to share key evolutions in the threat landscape to support the development of new protection features.
The Generic Detection Team has members across the multiple locations that make up the global SophosLabs organization. You will work with local and remote security researchers across multiple teams to analyze, classify and create protection for malware,
The successful candidate has extensive knowledge of Windows internals, is fluent in assembly, and has a knack for getting to the bottom of any issue. You enjoy thinking creatively, combining your deep technical knowledge, your tenacity for innovation, and your can-do attitude to solve complex and challenging problems on a daily basis. As a customer-facing team, we recognize and appreciate those with a passion to provide the best protection and experience for our customers.
- Lead research efforts within a particular threat research area
- Conduct analysis of a variety of different malware families and threats
- Produce high-quality proactive protection against Windows malware and applications
- Consult with development teams to enhance protection capabilities in Sophos products
- Publish articles and/or whitepapers on research
- Help with complex malware detection issues escalated by customers
- Develop tools, workflow and/or systems improvements
- Available for occasional weekend work
Experience And Skills Essential:
- 5+ years in the computer security field, 2+ years direct anti-malware industry experience
- Advanced reverse engineering using IDA Pro
- Expert-level debugging, OllyDbg or WinDbg
- Detailed knowledge of Windows internals and kernel-level analysis
- Proven ability to prioritise and organise assigned tasks
- Ability to work both independently and as part of a team
- Good written and verbal communication skills
- Bachelor's degree in Computer Software (or equivalent)
- Published technical / whitepapers
- Data mining experience
- Knowledge of a scripting language, such as Python or Perl
Sophos Canada offers a comprehensive total compensation package including vacation, sick days, BC MSP coverage, extended health coverage which includes medical, dental and vision care, and RRSP matching.