IBM Jr Malware Analyst in Charlotte, North Carolina

Job Description

IBM X-Force Incident Response & Intelligence Services (IRIS) is looking for a Junior Malware Analyst/Reverse Engineer. This role requires the candidate to provide basic malware triage and run-time malware analysis support to the IRIS team. The candidate will review dynamic analysis artifacts and execute malware in a virtual environment to assist incident responders, cyber threat analysts, and reverse engineers in extracting indicators of compromise. The role requires the candidate to have an understanding of how malicious software interacts with its environment to determine and explain propagation and potential malicious capabilities. The candidate will write signatures to detect and identify malware and learn to develop targeted scripts to support automation efforts.

The candidate will assist with providing industry-leading malware analysis for advanced cyber threat incidents and research support across several security domains in an exciting and growing security delivery organization within IBM. The malware analyst will work with IBM Incident Response teams to triage cyber threat activity, cooperate across IBM Security’s proprietary telemetry to model threat activity (open source and from industry leading sources in IBM Security), and support analysts writing intelligence research on X-Force Exchange.

Required Technical and Professional Expertise

  • Minimum 1-3 years of experience supporting cyber related activities, computer or network investigations

  • Experience with basic run-time analysis of malicious code in a virtual environment.

  • Experience developing simple tools or scripts.

  • Demonstrated experience using dissemblers or debuggers (IDA Pro, IDA Python, Immunity, Olly), malware sandboxes, unpacking tools, and packet analyzers (such as WireShark).

Preferred Tech and Prof Experience

  • Ability to work independently and as part of team to conduct malware analysis in support of technical incident response and/or threat hunting and research.

  • Demonstrated ability to present technical findings through written reports or oral briefings for dissemination to various technical audiences.

  • Comfort programming in a high-level programming language (C, C++, Python).

  • Understanding of fundamentals of operating systems to be able to explain malicious software execution, propagation, and persistence.

  • Experience with network or log analysis.

  • Experience or knowledge of hunting and detecting malware using YARA signatures.

  • Experience with open source intrusions set profiling and researching malware family analysis.

  • Familiarization with Linux or Mac OS operating system internals.

  • Support incident response partners or managed security teams.

EO Statement

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.