Malware Research Scientist - Enterprise Security (10-15 yrs)
Elements
Posted 2 months ago
Flexible timing
As a Malware Research Scientist, you will be responsible for establishing a state-of-the-art malware analysis lab, building and leading a small team of researchers, and spearheading hands-on investigations to uncover the intricacies of the latest threats. You will test live malware (especially ransomware) hands-on in a controlled environment and provide guidance on malware artifacts and indicators of attack (IOAs) to the engineering and product development team to enhance the security aspects of the product line.
Key Skills :
- Proven experience as an Enterprise Security Architect
- Excellent working knowledge of how to model threats & risks as well as the controls necessary to mitigate them, on both an organizational and technical level
- A background in general security practices of cloud security in AWS/Azure/OCI, Linux, M365 application/API security, firewalls, IDS/IPS, sandboxing, threat intelligence, vulnerability assessment and mitigation, SIEM, auditing, encryption, data loss prevention, etc.
- At least one certification: OSCP, SANS, or other security certifications
- Strong communication (verbal and written), problem solving, executive presence, and interpersonal skills
- Good technical understanding of malware behavior, the cyber kill chain, the incident response and recovery process, forensic data collection, and disaster recovery. Direct hands-on experience in at least one of these areas is preferred.
Roles & Responsibilities :
Technical Expertise :
- Design and implement a secure malware analysis lab environment.
- Conduct in-depth analysis of malware samples, particularly focusing on ransomware variants.
- Leverage reverse engineering, static analysis, and dynamic analysis techniques to dissect malware behavior.
- Identify and document Indicators of Compromise (IOCs), MITRE TTPs and Indicators of Attacks (IOAs) associated with analyzed malware.
- Analyze the impact of ransomware on data, cloud infrastructure (AWS, Azure, GCP), and SaaS applications (M365, Google Workspace, etc.).
- Develop and implement innovative detection and mitigation strategies to defend against the latest malware and ransomware threats.
- Stay current on emerging threats and trends through ongoing research and threat intelligence gathering.
Communication & Collaboration :
- Collaborate with Product Managers to understand and stay updated on customer requirements, and help PMs build out the intricacies of product security features.
- Work closely with the marketing team to develop clear and effective product messaging, contribute with research papers and blogs, and communicate product features to the market.
- Translate complex technical findings into clear and concise reports for both technical and non-technical audiences.
- Collaborate with engineering and security teams to integrate threat intelligence findings into security solutions and incident response procedures.
- Present research findings and threat insights to internal stakeholders.
Qualifications :
- Engineering degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).
- 10+ years of experience in malware analysis and threat research.
- Proven experience in leading and mentoring a security research team. Interns and freshers
- In-depth knowledge of malware analysis techniques (reverse engineering, static analysis, dynamic analysis, sandbox environments).
- Strong understanding of ransomware variants and their impact on various systems (data, cloud infrastructure, SaaS).
- Excellent written and verbal communication skills.
- Ability to work independently, manage multiple projects, and prioritize effectively.
- Passion for staying ahead of the evolving threat landscape.
Functional Areas: Pharma/Healthcare