Malware Researcher : Halcyon
Job Description
Halcyon is the industry’s first dedicated, adaptive security platform that combines multiple proprietary advanced prevention engines along with AI models focused specifically on stopping ransomware. Halcyon is focused on building products and solutions for mid-market and enterprise customers.As a remote-native, completely distributed global team, we recognize great talent can exist anywhere. We invite you to apply to a job you’re interested in and we’ll work a plan to meet your needs.
Responsibilities:
Conduct in-depth analysis of Windows and Linux malware samples, with a particular focus on ransomware. This includes static and dynamic analysis to understand the behavior, mechanisms, and objectives of the malware.
Create comprehensive reports detailing ransomware analysis findings, including encryption methods, identification of encryption flaws, ransom note patterns, indicators of compromise (IOCs), and recommended decryption or mitigation strategies.
Design and develop decryptors for ransomware, leveraging discovered encryption flaws to assist in data recovery efforts.
Develop and maintain YARA rules to identify and classify malware samples.
Design and develop tools to automate malware analysis tasks, streamline workflows, and enhance overall efficiency in malware research activities.
Provide expert support to other teams within the organization, answering malware-related queries
Skills and Qualifications:
Strong experience in analyzing both Windows and Linux malware, with a deep understanding of ransomware behaviors, encryption algorithms, and common evasion techniques.
Proficiency in using tools such as IDA Pro, Ghidra, Binary Ninja, x64dbg, WinDbg and GDB.
Proficiency in writing and optimizing YARA rules to detect and classify malware effectively.
Solid programming skills in languages such as Python, C, or C++, with the ability to develop tools and scripts to automate analysis tasks.
Familiarity with threat intelligence platforms (VirusTotal, MalwareBazaar, Any.Run, etc), and the ability to correlate malware findings with broader threat landscapes.
Excellent technical writing skills to document analysis findings clearly and concisely.
Bonus Skills and Qualifications:
Experience in Rust programming.
Experience in designing and developing decryptors for ransomware, including the ability to exploit encryption flaws and recover data.
Experience in applying machine learning techniques and feature engineering to malware classification and detection.
Experience in writing technical blog posts and delivering presentations at conferences on topics related to malware research.
Benefits: Halcyon offers the following benefits to eligible employees:
Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.
401k plan with a generous employer contribution.
Short and long-term disability coverage, basic life and AD&D insurance plans.
Medical and dependent care FSA options.
Flexible PTO policy.
Parental leave.
Generous equity offering.
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
Base Salary Range: $90,000 – $110,000
Bonus Target: 10%
In accordance with applicable state and federal laws, the range provided is Halcyon’s reasonable estimate of the base compensation for this role. The actual amount may differ based on non-discriminatory factors such as experience, knowledge, skills, abilities, and location. Base pay is one part of the total package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and equity in the Company.