IBM Malware Reverse Engineer 

Philippines, Quezon City 

970427607

As a Malware Reverse Engineer, you’ll completely reverse engineer malicious software, write detailed reports on command functionality, malware communications, and encryption mechanisms, and develop targeted python scripts to support identification and automation efforts.

• Provides expert technical analytical support and advanced malware analysis support to the X-Force Threat Intel and Incident Response teams.
• Provides industry-leading malware analysis for advanced cyber threat incidents and research support across several security domains in an exciting and growing security delivery organization within IBM.
• Will work with IBM X-Force Incident Response teams to triage cyber threat activity, cooperate across IBM proprietary telemetry to model threats, and support analysts writing intelligence research.
• Proactively searching for indicators of compromise (IOCs), performing in-depth analysis of incident data, and contributing to incident response efforts by providing actionable insights and recommendations in a timely fashion.

Required Technical and Professional Expertise

• Minimum 5 years of experience in malware reverse engineering and in-depth knowledge and experience in advanced malware analysis techniques. This includes proficiency in unpacking packed or obfuscated malware, understanding rootkit functionality, analyzing complex exploit chains, and dissecting sophisticated evasion mechanisms. The reverse engineer should be capable of reading, understanding, and analyzing highly complex and optimized assembly code.
• Proficiency with coding in a high-level programming language (C, C++, Python etc…) to support analysis work or to parse data from various data structures to include malware configuration blocks, cryptographic key values, etc…
• Experience with debugging and disassembling tools , such as IDA Pro, x64dbg, Windbg, GDB, to inspect and analyze malware binaries. Familiarity with debugging techniques, breakpoints, and runtime analysis for dynamic malware analysis.
• S trong understanding of assembly language (x86/x64/ARM). Ability to read and comprehend low-level code to decipher the behavior of malware and identify potential vulnerabilities or exploits.
• Ability to develop signatures and rules for threat research to identify malware families and activities such as YARA, network, or behavioral signatures

Preferred Technical and Professional Expertise

• Ability to work independently and as part of a team to conduct malware analysis in support of technical incident response and/or threat hunting and research
• Demonstrated ability to present findings from malware analysis through written reports or oral briefings for dissemination to various technical audiences
• Ability to analyze a wide range of malware file types such as ELF and MacOS binaries.
• Capable of analyzing any given artifacts such as files, logs, network packets, registry hives and memory dumps.
• Experience with analyzing malicious documents and understanding associated exploit techniques
• Strong working knowledge in Operating Systems (Windows, MAC, Linux) and processor architectures (x86, x64, ARM etc.)
• Experience supporting incident response partners, managed security, or threat intelligence teams.