---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Threat Analyst
Location: Columbia, Maryland, United States
Type: Permanent F/T
Closing Date: 2008-06-14
Job Description
Basic Purpose
This role is primarily responsible for developing ClamAv
signatures and other protection mechanisms for Sourcefire
products based on information from public and private
malware feeds. The researcher will work on a team of
analysts that are responsible for rapidly developing the
necessary protection methods to protect Sourcefire customers
from emerging threats. Research analysts also work with a
variety of automated analysis frameworks and tools for
quickly determining the risks associated with potentially
malicious executables and mail attachments.
Essential Duties and Responsibilities
* Develop ClamAv signatures, and risk analysis reports
for internal review and external customers
* Conduct malware analysis and risk assessments on
public and private malware samples
* Develop comprehensive malware reports on the action
taken by malicious code samples
* Work with automated analysis tools and frameworks to
quickly determine the actions taken by malicious samples
* Debug false positive and false negatives in ClamAv
signatures and other protection mechanisms
JOB REQUIREMENTS
---------------------------------------------------
Essential Education, Skill and Environment:
Education and Work Experience
* 2+ Years in malware analysis, security operations,
quality assurance, or other related field
* Bachelor degree preferred.
Required Knowledge and Skills
* Experience with OllyDbg or other windows debugger
* Strong analytical and troubleshooting skills
* Experience with SysInternals ProcessMonitor and
FileMonitor
* Experience with SandboxIE
* Ability to learn new skills and apply them in a
rapidly changing, high-pressure environment
Preferred Knowledge and Skills
* Experience with ClamAv & other network security
tools
* Experience with InCtrl or other similar tool
* Experience with PCRE or equivalent regular expression
library
* Highly motivated and creative
Work Conditions
* Works closely with ClamAv developers and research
malware analysts to quickly develop ClamAv signatures and
other protection mechanisms based on the provided
vulnerability details
* Moderate to high levels of stress may occur at times
* Fast paced and rapidly changing environment
* Extremely talented and experienced team members and
mentors
* No special physical requirements
CONTACT
---------------------------------------------------
https
://jobs.sourcefire.com/epostings/jobs/submit.cfm?fuseaction=
dspjob&id=23&jobid=233758&company_id=15640&v
ersion=1&source=ONLINE&JobOwner=961576&level=lev
elid1&levelid1=14174&parent=VRT%20(Vulnerability
%20Research%20Team)&startflag=2&CFID=19627618&CF
TOKEN=16c8e00-794ed64c-b42c-4abe-b9e7-208cc7a59e4e
azidouemba sourcefire.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.security
focus.com/jobs
|