Threat Researcher

Job Description

Infoblox is currently looking for a Staff Threat Intelligence Analyst. At Infoblox, Threat Intelligence Analysts have the unique opportunity to research threats, analyze malware behavior and campaigns, build their own detectors, and create labeled data sets to protect our customers. Our analysts enjoy the creative environment and ownership that comes with working projects largely from “soup to nuts.” Members of our team are also integral parts of the creative and technical development of our proprietary intelligence processing tools and packages - often designing and building them up to the point of deployment.
We consider the ideal candidate to be an experienced intelligence and malware analyst who knows and understands DNS (protocols, datasets, tunneling). We are also looking for someone familiar with intelligence processes, requirements, collection, and reporting. Individuals with strong logic, correlation, analytical, communication, and technical skills, as well as the motivation to continuously learn will fit well on our team. Candidates with malware research experience and an understanding of attacker methods and objectives will be given preference.
Responsibilities:

• Collect, analyze and exploit data from various sources
• Develop actionable information in the form of technical indicators, reports, lists, rules, signatures, or indicators and warnings
• Perform analysis on new indicators to detect prior compromise
• Research and analyze malware, and develop detection algorithms
• Research emerging threats, threat actors, TTPs
• Develop and use predictive analytics to counter threats by tracking attack campaigns
• Triage and respond to incidents or requests for analysis

Requirements:

• Must be an EU Citizen or have legal right to work
• 10 plus years of relevant work experience
• 3-5 years of experience with Python and other scripting languages
• Proficiency operating on Unix/Linux systems, commitment to self-study, and maintaining proficiency in the technical cybersecurity industry
• Fluent in English & French

Additional Preferred Experience:

• Proficiency in building/architecting AWS; comfort operating it via the command line
• Pivoting off data points to find additional information and other intelligence processes/cycles (PFM, F3EAD, etc.)
• Understanding of DNS, TCP/IP, common networking ports, protocols, and traffic flow
• Experience using virtual environments for analysis of suspicious sites and files
• Experience using reverse engineering tools such as IDApro, OllyDbg, etc.
• Development of new detection mechanisms for various families of malware, preferably in Python
• Tracking and reporting on threat actor tactics, techniques, and procedures (TTPs), writing intelligence reports and presentations

Education:

• B.S. in CS, CE or EE or 4 years of relevant work experience

It’s an exciting time to be at Infoblox. We are the market leader in technology for network control. Our success depends on bright, energetic, talented people who share a passion for excellence in building the next generation of networking technologies—and having fun along the way. Infoblox offers a fast-paced, action-oriented environment. We promote a culture that embraces innovation, change, teamwork, and strong partnerships. Join the winning Infoblox team—our future looks bright, and so will yours. To check out what it’s like to be a Bloxer, click here.
#LI-DW2