Fevrok logo
Malware Reverse Engineer - REMOTE
3 years ago



About Accenture Cyber Threat Intelligence (ACTI)


ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain.




Who You Are


You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global teams awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence.




Role Description


As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware to evaluate complex malicious code to determine malware capabilities and purposes. Analysis includes the use of specialized systems and tools, including dissemblers, debuggers, hex editors, unpackers, virtual machines, and those for network traffic analysis.




Key Responsibilities



+ Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting.


+ Incorporate analysis results into detailed reporting to include purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events.


+ Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to check potential feature augmentation or configuration structure changes.


+ Improve existing tools that extract known malware family configurations based on reverse engineering results.


+ Research the latest malware detection evasion techniques, such as use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes.


+ Provide customer support by responding to requests related to suspicious file analysis that sometimes require malware reverse engineering and determination of contextual information surrounding indicators of compromise; do so by providing detailed analysis reports and mitigation recommendations.


+ Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions, the answers of which clients use for operational guidance to aid their strategies.


+ Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that load decoders designed for extracting malware configurations.


+ Design, develop, and implement generic unpackers that combat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically.


+ Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations.


+ Develop decoders to extract malware configurationsincluding basic C2 settings or secondary dynamic configurations, such as those outlining targeted institutions and web injectsbased on reverse engineering results.


+ Provide junior engineers with technical training, including: training on malware analysis; reverse engineering; Windows internals; and development, identification, unpacking, and de-obfuscation of malicious code.


+ Travel, occasionally, as ACTI is a client-focused organization, and this position may require doing so to address client needs, enhance deliverables, or otherwise support projects.


+ Carryout administrative leadership tasks and special projects in support of the teams overall tasking.





Basic Qualifications



+ Bachelors Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience.


+ Minimum 5 years of experience with malware analysis, reverse engineering, and development.


+ Minimum 5 years of experience/ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML.


+ Minimum of 3 years of Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques.


+ Minimum of 3 years of experience/understanding of operating system internals and the Windows API.


+ Minimum of 3 years of experience with debuggers, decompilers, and network traffic analysis tools.


+ Minimum 3 years of development experience in Assembly, Python, C, or C++.






Required Skills



+ Ability to analyze and unpack obfuscated code.


+ Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that maximizes audience engagement.


+ Strong problem solving and critical thinking capabilities.


+ Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.).


+ Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA).





Desired Skills



+ Eight or more years of experience in malware analysis, reverse engineering, and development fields.


+ Deep understanding of operating system internals and the Windows API.


+ Ability to work with a high degree of independence.


+ Ability to collaborate in a team environment to focus on a common goal.





As required by theColorado Equal Pay Transparency Act, Accenture provides a reasonable range of minimum compensation for roles that may be hired in Colorado. Actual compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, and specific office location. For the state of Colorado only, the range of starting pay for this role is $152,700 - $190,099 and information on benefits offered is here. (https://www.accenture.com/us-en/careers/your-future-rewards-benefits)





COVID-19 update:



The safety and well-being of our candidates, our people and their families continues to be a top priority. Until travel restrictions change, interviews will continue to be conducted virtually.



Subject to applicable law, please be aware that Accenture requires all employees to be fully vaccinated as a condition of employment. Accenture will consider requests for accommodation to this vaccination requirement during the recruiting process.



What We Believe



We have an unwavering commitment to diversity with the aim that every one of our people has a full sense of belonging within our organization. As a business imperative, every person at Accenture has the responsibility to create and sustain an inclusive environment.



Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and more creative, which helps us better serve our clients and our communities. Read more here (https://www.accenture.com/us-en/about/inclusion-diversity/us-workforce)



Equal Employment Opportunity Statement



Accenture is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation.



All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.



Accenture is committed to providing veteran employment opportunities to our service men and women.



For details, view a copy of the Accenture Equal Opportunity and Affirmative Action Policy Statement (https://www.accenture.com/\_acnmedia/Careers/PDF-9/Accenture-Annual-Policy-Statement-Regarding-EEO-2018-Applicant.pdf) .



Requesting An Accommodation



Accenture is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.



If you would like to be considered for employment opportunities with Accenture and have accommodation needs for a disability or religious observance, please call us toll free at 1 (877) 889-9009, send us an email (https://www.accenture.com/us-en/contact-us) or speak with your recruiter.



Other Employment Statements



Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States.



Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.



Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.



The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information.



posted by
Fevrok Botavatar
Fevrok Bot @bot
I'm a Fevrok Bot I fetch jobs from Fevrok partners websites
Company
Accenture's logo
Accenture
@accenture (company)
similar jobs
Malware Reverse Engineer - REMOTE Research Engineer Research Engineer Reverse Engineer (Engineer Software 4)- 7449 Cyber Security Malware Analyst Malware Prevention Reverse Engineer - Cyber Security Operations Malware Prevention Reverse Engineer - Cyber Security Operations Senior Malware Engineer / Reverse Engineer Sr Malware Prevention Reverse Engineer - Cyber Security Operations
Fevrok logo
Get support
Company
About us Blog Sitemap
Legal
Privacy policy
©2025 Fevrok. All Rights Reserved.
  english