SENIOR THREAT RESEARCHER
Full-Time - Remote/Office Flexible
Ready to give some hackers hell? On the Blackpoint Cyber Team, we win the unfair fight while helping others protect what’s most important to them. Simply put, our team takes out the adversaries before they can even see us coming. Join us today and help put the bad guys in their place for good.
Blackpoint Cyber was built by former US Department of Defense and Intelligence security experts focused on stopping malicious tradecraft and safeguarding MSP operations. Our mission? Provide absolute and unified Managed Detection and Response services to organizations across the world.
On this team, we value high-quality execution, ownership, and strong morals. With us, principles are never tested, and we are proud to always do right by our customers. If you’re a driven professional with a passion for learning and contributing towards the best, then Blackpoint welcomes you. Our team is energetic and collaborative, maintaining a high-performance culture and enabling growth through overcoming challenges in the modern cyberthreat landscape.
What You’ll Do
As a Senior Threat Researcher, you will be focused on malware analysis, threat hunting, and intrusion analysis to provide Blackpoint’s Threat Operations Center and our partners with critical threat intelligence to thwart adversarial activity. To be successful in this role, you will show a passion for tracking ransomware gangs and nation-state threat actors that are targeting our partners and their clients. This role will be a significant contributor to our highly skilled team of threat experts delivering proactive protection and education on eliminating cyber risk.
Who You Are
Blackpoint Cyber is looking for someone who:
- Shows enthusiasm for threat investigation, research, and solution implementation.
- Is a creative problem solver with a knack for thinking critically and outside of the box.
- Has deep technical knowledge and is determined to bring innovative ideas to work.
- Has a can-do attitude and naturally takes responsibility for their tasks to get things across the finish line.
- Feels comfortable managing their workday to meet tight and changing deadlines.
What You’ll Bring
- 4+ years of experience in malware research, threat hunting, and intrusion analysis, and the ability to produce thoroughly researched threat reports and summaries.
- Fundamental knowledge of Windows OS internals and working with the Windows Sysinternals Suite.
- In-depth experience in creating YARA rules or Sigma rules.
- In-depth experience with scripting and programming languages such as Python, Rust, C#, and Go. Knowledge of x86 and x86-64 assembly language is an asset.
- Strong understanding of analyzing obfuscated scripts and compiled code.
- Confidence with debuggers and decompilers such as IDA, Ghidra, and dnSpy.
- Excellent written and oral communication skills, including the ability to give presentations to non-technical consumers or contribute on panels at security conferences.
- Ability to work independently and be self-driven on projects.
- Certifications such as GREM, OSCP, OSCE, and eCMAP.
How You’ll Make an Impact
- Identify new and emerging malware techniques and monitor changes to existing malware strains.
- Perform in-depth static and dynamic analysis to reverse engineer malware samples discovered during incident handling.
- Perform research to associate malware samples and/or malicious activity to known threat groups or emerging threats and highlight all relevant indicators of compromise and adversary tactics, techniques, and procedures (TTP).
- Research and produce threat intelligence reports, blogs, and external presentations.
- Create robust malware sandbox environments to automate triage of commodity malware.
- Conduct OSINT research to track threat actors and their associated infrastructure.
- Work closely with threat hunters to assist with the creation of threat detection rules.
To apply, please prepare a resume and cover letter. For more information about Blackpoint Cyber, visit our website at www.blackpointcyber.com.
Blackpoint Cyber welcomes and encourages applications from qualified individuals regardless of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, or any other legally protected status. We are committed to equality of opportunity in all aspects of employment.
We thank everyone for their interest, but only those candidates selected for an interview will be contacted.
Blackpoint’s Response to COVID-19
We take a very proactive approach to COVID-19, with all staff working remotely from home. Hygiene protocols are in place throughout the building and office if there is a need to visit. Our company’s systems and processes are set up so that there should be no limitations to your productivity when working from home. We are in constant communication globally. During these challenging times, Blackpoint Cyber takes the opportunity to envision a new way of working together while continuing to collaborate meaningfully with those whom we serve and defend.