Malware Analyst

OPPORTUNITY OVERVIEWZeroFox seeks a Malware Analyst to identify, analyze and mitigate malicious software threats affecting the Public Services Sector (PSS). We are looking for someone to apply their technical knowledge of malware families, associated vulnerabilities, etc, to the research of threat actors. 

Role and responsibilities

• Research malware utilized by threat actors to identify indicators of compromise (IOC), conduct attribution analysis, and assess potential impacts to clients
• Analyze malware and malware-related reporting to assess attribution, TTP, and other pertinent information in line with client information requirements
• Perform research on malware utilized by threat actor groups and provide input to written reports
• Identify IOC and utilize proprietary ZeroFox tools to catalog and assess associated vulnerabilities in networks of interest
• Research malware families and TTP in use by threat actor groups to identify and analyze trends in support of finished intelligence products

Required qualifications and skills

• Experience conducting malware analysis and research, typically obtained in 5+ years
• Background in malware analysis and knowledge of applicable tools and techniques
• General familiarity with threat actor groups and tactics, techniques, and procedures (TTP), such as ransomware gangs, advanced persistent threat groups, cyber crime groups, etc.
• Capable of conveying research and analysis in written formats 
• Comfort working in a small team environment with flexibility to engage in multiple processes
• Ability to utilize common malware analysis tools
• Meaningful experience using any combination of the following tool categories: Network Analysis, Suspicious File Analysis/Sandboxing, Reverse Engineering, Programming / Scripting
• Ability to apply malware analysis and research to threat actor activities and articulate findings in written / verbal formats

Desired qualifications and skills

• GIAC Reverse Engineer Malware (GREM) or Certified Ethical Hacker (CEH) or CISSP Certification
• Experience tracking threat actor groups
• Cybersecurity degree with emphasis on Information Assurance or Network Engineering (or equivalent experience)
• Experience working with US government organizations
• High degree of comfort operating on a small team 

Benefits

• Competitive compensation
• Community-driven culture with employee events
• Generous time off 
• Comprehensive health benefits & 401(k) plan
• Respectful and nourishing work environment, where every opinion is heard and everyone is encouraged to be an active part of the organizational culture

Interested?

• Ready to apply? Visit us at https://www.zerofox.com/careers to find out more and join the best team in the security industry.
• Not ready to apply? Email careers_at_zerofox_dot_com to speak with a member of the team!

Other Information

• This position will report to the Lead, Principal Analyst
• This position may entail up to 5 % travel
• This role will be based out of our office in Savannah, GA (hybrid)
• This role requires occasional work on nights and weekends as needed.

ABOUT ZEROFOXZeroFox is on a mission to make the internet safer for all. Innovation is at our core – we are relentless in the pursuit of finding new ways to disrupt external cyber threats on the surface, deep, and dark web. ZeroFox offers the only unified cybersecurity platform combining advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to protect customers from growing threats across the external attack surface. It’s a great time to join us in the Fox Den – with fresh private equity funding, expanding investments in AI, a people-first culture, and centers of excellence around the world, we’re growing like never before. If you’re looking for a mission-oriented, customer-focused, collaborative team and ready to take the fight to the adversary, apply to join us in the Den today.
Equal Opportunity, Diversity & InclusionWe aim to build a team that represents a variety of backgrounds, perspectives, and skills. We embrace inclusion and ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, military or veteran status, or any other personal characteristic.