NetWitness Malware Analyst
Primary Location: Milano Marittima, Italy
As one of the most established cybersecurity companies in the world, we at NetWitness are hard at work every day helping our customers and partners better protect their organizations from cyberattacks. Our products and incident response services are used within most large enterprises, governments and militaries for incident response and threat hunting. Our Sales Professionals, Sales Engineers and Professional Services Consultants design and deliver solutions for potential and existing customers to enable better visibility, insight and action to prevent and defend against attacks. NetWitness offers a single platform with a unified view across all attack surfaces, including Network, Logs/SIEM, Endpoint and IoT, combined with our AI-based User and Entity Behavioral Analysis (UEBA) and Security Orchestration, Automation & Response (SOAR) capabilities.
Are you passionate about working with one of the best IR teams in the world? NetWitness is hiring top talent to join our team.
As part of the NetWitness Incident Response team (NWIR), a malware analyst works closely with the field analysts to extract, formalize and evolve Indicators of Compromise (IOCs) that could help streamline the investigation process and potentially grant a vantage point during post-incident remediation.
In our team, a malware analyst has experience with threat actor tracking, malware analysis, and reverse engineering of malware.
Responsibilities include, but are not limited to:
- In-depth analysis of malware, including authoring analysis reports.
- Tracking malware campaigns, malicious actors, and related infrastructure.
- Creation of scripts and content to assist in malware analysis.
- Cooperating with the Threat Intel team on extensive research into new malware and new attack techniques.
- Strong experience of analyzing malware
- Intermediate to advanced malware analysis skills
- Intermediate to advanced experience with reverse engineering tools such as IDA Pro, x64dbg, OllyDbg, Immunity Debugger and/or Ghidra
- Solid background in C++ programming and Win32 APIs
- Experience creating malware analysis scripts for use in tasks such as accelerating malware analysis, unpacking malware, and extracting data
- Experience building scripts to emulate malware traffic or C2 services
- Experience in encryption/obfuscation and how to reverse it is desired
- Experience with penetration testing and/or adversary emulation is a plus.
- Basic background in network traffic analysis is a plus.
- Knowledge of networking protocols: TCP/IP, HTTP/HTTPS, FTP, IRC, etc.
- Industry certifications such as SANS GREM are desired, but not required
- Able to work independently on tasks, but also work well within a team environment
RSA is committed to the principle of equal employment opportunity for all employees and applicants for employment and to providing employees with a work environment free of discrimination and harassment. All qualified applicants will receive consideration for employment without regard to race, color, and any other category protected by applicable country law.
If you need a reasonable accommodation during the application process, please contact the RSA Talent Acquisition Team at firstname.lastname@example.org. RSA and its approved consultants will never ask you for a fee to process or consider your application for a career with RSA. RSA reserves the right to amend or withdraw any job posting at any time, including prior to the advertised closing date.
Job ID: MALWA003330