Technical Cybercrime Analyst (Remote)

Website FireEye

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye’s world-class solutions and global footprint at https://www.fireeye.com/company.html.

Job Description

FireEye is seeking a Technical Cybercrime Analyst to join our Mandiant Intelligence’s Financial Crime team.  This team identifies, tracks, and reports on financially-motivated threat actors impacting organizations across the globe. This work supports corporate and government intelligence clients as well as other divisions of FireEye. The Technical Analyst will play an important role on our team, leading the investigation and analysis of these operators. An emphasis will be placed on the identification of novel and impactful malware campaigns and intrusion activity. The successful candidate is a seasoned analyst capable of interpreting vast quantities of data from various sources and communicating those findings to both internal and external stakeholders. We encourage giving back to the community and strongly support sharing of expertise by authoring whitepapers and speaking at conferences.

Responsibilities

  • Identify, assess, and track the tactics, techniques, and procedures of financially motivated threat actors using the unique data produced across all of FireEye and via your own independent research
  • Perform technical analysis on malicious or suspicious artifacts, attacker infrastructure, and forensic data sourced from organizations impacted by some of the world’s most capable cyber criminals
  • Stay current on new malware families, new capabilities and public reporting on these issues
  • Support the creation of custom analytic products for internal and external stakeholders based on conclusions and judgments derived from FireEye’s proprietary datasets and the analyst’s independent research
  • Work independently and collaborate with individuals throughout the FireEye organization to develop and coordinate the production of intelligence product

Qualifications

Required:

  • Strong understanding of cybercrime threats and the cyber criminal ecosystem
  • Understanding of the tools and tactics used to distribute malware
  • Experience analyzing malicious binaries, office files, pdf and jar files, reviewing automated sandbox reports, and reviewing network packet captures
  • Comfortable with scripting languages (e.g. Python, Ruby, or other)
  • Ability to write Yara and Snort signatures for the purpose of identifying and classifying malware
  • Ability to communicate complex technical concepts to non-technical people

Preferred:

  • Possesses deep subject matter expertise on several different cybercrime malware families and/or threat actors, including how they have evolved over time
  • Practical experience as an intelligence analyst
  • History of participation in industry or technology information sharing groups, formal or informal
  • Understanding of monetization and fraud strategies employed by cyber threat actors
  • Comfortable independently interacting with external audiences
  • 4+ years experience working with malware or exploits, or engaged in either threat research or incident handling
  • Foreign language skills in Russian, Chinese, Arabic, Farsi, and/or other major European languages

To apply for this job please visit jobs.smartrecruiters.com.