1) Research Scientist - MALWARE
Researchers are responsible for analysis and reverse engineering of malware samples, development and testing of signatures and other solutions, and writing descriptions or other documentation about particular threats or classes of threats. Successful applicants will:
- Write detection and repair routines for significant field and collection threats.
- Write malware descriptions.
- Contribute significantly to the response to outbreaks occurring on his/her watch.
- Represent Company professionally within the AV or security communities, such as mailing lists, consortia, etc.
- Work with other security researchers within Avert Labs to analyze trends, vulnerabilities, or other non-malware security events.
- Weekend, evening or other out-of-normal hours work will be required.
Successful candidates will meet the following requirements:
- At least 3 years of experience in malware handling and analysis or another low-level security field.
- Ability to use disassemblers and static analysis tools to inspect potentially malicious files.
- Ability to use run-time monitors to analyze malware activity in a black-box fashion.
- Solid understanding of x86 assembly language.
- Acknowledged expertise in some field of anti-malware or security research.
- College degree in Computer Science or equivalent experience.
- Fluent business and technical communications in both English and Chinese.
A few more keywords to help you in the hiring:
Tools:
- Run-time Analysis tools - RegShot, InControl, SysInternals, FileMon, RegMon
- Rootkit tools - Rootkit Unhooker, GMER
- Debuggers - WinDBG, OllyDbg
Functions:
- Heuristics Research
- Rootkits
- Parasitic
- Packer Research
- Obfuscation Research
More detailed JD:
Web Security, P2P/IM Security Researcher
Description:
Company Avert Labs is looking for seasoned security researchers to contribute to the investigation, detection, and prevention of threats on Web services/servers, peer-to-peer (P2P) and instant-messenger (IM) for our industry-leading network security solutions.
Responsibilities:
The main responsibilities for this position focus on threats for the APAC region:
- Perform leading-edge Web and P2P/IM threat research and analysis with one of the world's most respected research teams, Company Avert Labs.
- Develop signatures or algorithms to detect and block the threats.
Qualifications:
The qualified candidates are expected to possess:
- 3-5 years of direct or equivalent experience in the areas of networking/system administration, P2P/IM/protocols security analysis and response, and software development
- Expert knowledge of web security, web-related malware, and concepts like SQL injection, XSS, Web 2.0 threats, etc.
- Expert knowledge of P2P/IM protocols, such as BitTorrent, eDonkey, Skype, QQ, Xunlei, etc.
- Proficient with at least one scripting language (Perl, Python, etc.)
- Proficient, RFC-level working knowledge of networking protocols including TCP/IP, HTTP, DNS, HTTPS, etc.
- Proficiency with network traffic analysis tools such as Wireshark/tcpdump, TCPView, Linux-iptables/libipq, etc. will be a plus
- Network-based IPS knowledge and experience is a definite plus
- Strong problem-solving, troubleshooting, and analytical skills
- Experience working in fast-paced development environments
- Good written and verbal communication skills
- Good interpersonal and teamwork skills
Personality:
Self-driven, proactive, hardworking, team-player
Education:
BS/MS in computer science or equivalent experience
Job Description: Research Scientist/Security Research Engineer
[Job Responsibility]
* Layer seven protocol parsing for network-based IPS (Intrusion Prevention)
* Attack signature writing for network-based IPS
* Threat analysis, vulnerability research
* Reverse engineering
* Enhance the infrastructure to facilitate vulnerability research and attack signature release process
[Qualification/Education]
* Solid networking background, especially with TCP/IP protocol stack
* Experience with network security
* Experience with software development especially skills in programming languages such as C
* Understanding of software exploitation and common vulnerabilities is a plus
* CS-related graduate or 1+ years of work experience; a master's degree is preferred but not required