IR Specialist Manager (Malware Reverse Engineering)
Location: Hyderabad, India
Shift timings: 11am to 8pm
The Malware Researcher Manager reports to the APAC GCIR IR Manager. Malware analysis lives within the incident responder function of the GCIR group. As a Malware Researcher, you will conduct static and dynamic analysis of malware to extract atomic indicators of compromise, profile malware behavior, and articulate recommendations for mitigating and detecting malware. The right candidate is a self-starter with excellent technical skills to perform duties such as, but not limited to, researching, and classifying malware, exploring malware distribution techniques such as exploit kits and phishing/spam campaigns, tracking and investigating botnets, researching broad and targeted attacks, developing scripts and tools on-the-fly to support research activities, conduct independent research into crimeware and advanced attacks, and create reports. Other Responsibilities include:
- Perform technical research into advanced malware, targeted attacks, crimeware campaigns, and other emerging technologies and techniques to identify and report on cyber-attacks and attackers.
- Perform proactive research to identify, categorize and produce reports on new and existing threats.
- Correlate information with additional data sources to develop a comprehensive operational picture of malicious actors, and their tactics, techniques, and procedures.
- Conduct technical evaluations of new or emerging cyber threats, such as attack tools, exploits, malware, etc, and how they are used in conjunction with crime or nation state operations.
- Discover and investigate malicious activities to determine various tactics such as exploitation methods, and effects on systems and information.
- Provide awareness to internal analysis and collections teams on changes to the cyber threat landscape and criminal activities.
- Co-develop and help manage technical capabilities needed to enhance new sources of intelligence collection in partnership with engineering, analysis, and collections teams.
- Contribute research to reporting on current and emerging threats and establish relationships between the research team and external entities such as law enforcement agencies and vendors.
- Provides technical services needed for cyber incident response investigations including, containment, eradication, and remediation activities.
- Assists with assessing scope of the incident damage.
- Assists in determination of incident severity.
- Assists with maintaining documentation throughout a cyber incident.
- Assist in the drafting of post-incident reports to senior leadership to convey impact, origin, root cause, and remediation.
- Perform incident response services including, but not limiting to, collection, documentation, preservation and analysis of incident evidence for digital forensics investigations.
The Team:
Global CIR provides cyber security incident management and coordination services for global cyber security incidents and its internal clients.
Qualifications
Required:
- Bachelor’s degree: a technology-related field, or equivalent education-related experience or equivalent experience
- Minimum of 9-12 years of experience in security operations or threat intelligence with at least 4 of those years of experience in malware analysis
- Understanding of host and network forensic artifacts and indicators of compromise
- Understanding of cyber threats and how intelligence is used by security appliances and operators.
- Understanding of static and dynamic malware analysis tools and techniques, to include:
- Debugging
- Disassemblers
- Reverse Engineering
- Working knowledge of Assembly, C and/or C++, Python, JSON, and Visual Basic
- Experience working with commonly used malware sandboxes.
- Experience analyzing packet capture files with tools such as Wireshark.
- Deep understanding of open-source penetration testing tools and experience writing Yara rules
- Familiarity with PowerShell and other command shell scripting languages
- Experience working in information technology / cyber security for a large, complex enterprise and collaborating across teams.
Preferred:
- Familiarity with digital forensic tools such as EnCase, Axiom or FTK
- Familiarity with EDR tools
- Familiarity with Splunk & ServiceNow
- Familiarity with Cloud technologies – AWS, Azure and Containers (dockers/Kubernetes)
- Familiarity with the Microsoft security stack such as the Defender line of products
- Historical knowledge of major cyber threat actors and their malware families
- Familiarity with Threat Intelligence Platform software such as ThreatConnect or Anomali
How you’ll grow
At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India
Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Deloitte’s culture
Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte.
Corporate citizenship
Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world.
Recruiting tips
From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.
Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Our people and culture
Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture.
Our purpose
Deloitte’s purpose is to make an impact that matters for our clients, our people, and in our communities. We are creating trust and confidence in a more equitable society. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. We are focusing our collective efforts to advance sustainability, equity, and trust that come to life through our core commitments. Learn more about Deloitte's purpose, commitments, and impact.
Professional development
From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.