Cyber Threat Researcher

The CSS (Cyber Safety Solutions) division will establish an EMEA Threat Research team in the Prague office focusing on threat defense to protect the digital world. The EMEA Threat Research team will apply scientific principles of engineering to perform advanced threat research in malware analysis, network analysis, attack analysis and the active regional threat landscape monitoring to effectively identify advanced threats, create high-quality threat intelligence, and threat analysis reports.

The Cyber Threat Researcher is responsible for malicious object or behavior investigation including undesired leakage of sensitive data and targeted intrusion by Cybercrime.  S/he is expected to co-work and share knowledge with other CSS members and interface with external customers to gain customer insight.

Domestic travel in the EMEA; and international up to three times per year can bring the travel anywhere from 15% to 30%.

• Source of malicious objects (ransomware, malware, exploit kit, hacking tools and so on).
• Monitor underground forums and TOR sites.
• Analyze the behavior of threat actors in discovered malicious activities.
• Research malicious objects and their landscape.
• Analyze and reverse engineering malicious codes statically and behaviorally.
• Provide the malicious landscape report and malicious campaign report when needed.
• Provide research result and sourcing output to operation teams and product teams for knowledge refreshment and product enhancement.
• Work with internal teams for immediate needs (i.e. quick response to hot news when company requested) and help technically vet and triage incidents in order to identify those incidents that warrant further investigation.
• Creating research papers, blogs, and potentially speaking publicly.

·        BS in Computer Science or related technical discipline.

·        Strong knowledge in Windows, Linux and other enterprise operating systems, as well as command line tools.

·        Familiar with VPN usage and anonymous browsing.

·        Familiar with TOR site visiting and Deep Web visiting

·        Experience in programming using C/C++, Python or other computer languages.

·        Must be affluent with reading/writing/listening/speaking in one of those languages (Slovak (Slovenský jazyk),  Russian(ру́сский язы́к), Czech(čeština), Polish(język polski) )

·        Able to work in a multi-cultural group

·        Self-driven, proactive, and able to work both independently and within a team.

• Experience in reverse engineering, malware analysis, or exploit development.
• Experience in reverse engineering tools such as IDA Pro, WinDbg, Immunity Debugger, OllyDbg or similar.

Trend Micro are an Equal Opportunities Employer