Threat Intelligence Malware Reverse Engineer
BAE Systems Digital Intelligence offers world class threat intelligence services to customers across the globe. Our team investigate some of the most complex nation state threat actors and intrusions on a daily basis. We currently have a vacancy for an experienced Malware Reverse Engineer in our team. The successful candidate would be expected to undertake original investigations, threat research and provide reporting out to our customers.
We are looking for candidates with a strong understanding of the threat landscape and deep technical skills with expertise in Malware Reverse Engineering.
Investigate cyber intrusions and threat activity as part of the global Threat Intelligence team.
Discover, analyse, document, and track advanced threat actor campaigns through malware reverse engineering.
Conduct research on threat actors (from hacktivist to criminal to state), and their tools, techniques, and procedures (TTPs) using commercial and open sources.
Produce finished intelligence reports related to state and criminal threats, with insights into attacker techniques and identified campaigns, and including actionable mitigation and detection guidance.
Develop tools to assist with automation of malware analysis tasks and tracking of threat actors.
Work in a collaborative environment with other technical specialists, intelligence analysts, and customer facing consultants.
Support intelligence analysts with malware analysis and incident responders with technical expertise.
Experience with both static and dynamic malware analysis of Windows x86 and x86-64 executables.
Ability to reverse engineer binaries written in C/C++, .NET, and Delphi.
Experience with static analysis tools such as IDA Pro, Ghidra or Binary Ninja.
Experience with dynamic analysis using x64dbg, windbg, OllyDbg or similar.
Reverse engineering of popular document formats such as DOC, XLS, RTF and PDF.
Understanding of networking fundamentals such as HTTP, TCP/IP, DNS and other core protocols.
Understanding of Windows operating systems and command line tools.
Experience developing scripts to decode and decrypt obfuscated data and network traffic.
Experience writing Python scripts.
Ability to document and explain technical details clearly and concisely in writing and graphics for technical and non-technical audiences.
Familiarity with tracking threat actors and knowledge of their TTPs.
Experience querying commercial and open sources, such as Shodan, Censys, etc.
Familiarity with malware sandboxing and using the output to pivot and find additional activity.
Experience in threat hunting and creating file/network traffic signatures using Yara and Snort.
Experience with cloud environments, including AWS and Azure.
Life at BAE Systems Digital Intelligence
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing.
Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential.
About BAE Systems Digital Intelligence
We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
Division overview: Government
At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Government contracts are an area we have many decades of experience in. Our Government business unit houses four of our critical client groups: UK National Security, Global National Security, defence and central government. Government and key infrastructure networks are critical targets to defend as the effects of these networks being breached can be devastating.
As a member of the Government business unit, you will defend the connected world and ensure the protection of nations. We all have a role to play in defending our clients, and this is yours.