Startup Careers

Be a part of our family by contributing to our portfolio companies’ innovation and success. Browse open positions below with Intel Capital portfolio companies.

Threat Researcher - Reverse Engineer at Carbon Black
Massachusetts, US

Carbon Black, the leader in advanced threat protection, is seeking a Threat Researcher. This is a mid-level position in Cyber Security, targeted toward individuals with more than 5 years of experience. Educational and personal experience with reverse-engineering, network/systems administration and/or information security related work is necessary. Expert understanding of modern defensive and offensive security tools, techniques and methods is required.

 

Threat Researchers at Carbon Black are responsible for leading, conducting and presenting threat research conducted by the Threat Analysis Unit (TAU) as well as building systems used across our security program. This includes a strong understanding of endpoint detection, cloud technologies, security operations, the current threatscape and emerging threats. Threat Researchers are also expected to provide mentorship to other members of the team, and take the lead in maturing procedures, evaluating new security technologies, incident response collaboration, penetration testing, and prototyping and experimenting with new ideas and technologies to improve both our product and services.

 

What You’ll Do

 

  • Perform security research, reverse engineer malware, handle complex security events, analyze incident response, and coordinate with other teams and partners.

  • Work closely with internal and external customers for product and service improvements.

  • Take ownership or support of ongoing projects by assisting in the implementation, research, testing and documentation of security related projects.

  • Dig through mountains of real world data to help build a massively scalable, automatically updating Threat Intelligence Ecosystem.

  • Research anomalies to uncover new threat actor groups, malware, vulnerabilities, tools, and techniques.

  • Share data and expertise with private and public communities such as through the creation of custom rules for dissemination into the Carbon Black product suite.

  • Maintain knowledge of emerging security technologies and discipline developments. Research and manage the implementation of new technologies to enhance our products and customers’ security postures.

  • Manage and lead evaluations conducted by external third parties, including vulnerability assessments, product efficacy and penetration tests. Respond to reported product security vulnerabilities and bypasses.

  • Serve as subject matter expert (SME) and tier three support for security team members as they manage security events and incidents.

  • Be the voice of the Threat Research team to Product Marketing and Engineering, enabling them to respond to real world customer demands and capabilities.

  • Train and mentor security leaders and managers, security operations teams, threat intelligence groups and incident responders including team members outside of the TAU group.

  • Actively participate in the Carbon Black User-Exchange community as a subject matter expert, presenting in forums, online, and at conferences.
     

Technical Skills / Experience:

  • Advanced skills in Windows internals, Linux, and/or OSX

  • Experience with a number of the following is a requirement: Unix Shell scripts, Python, PowerShell

  • Experience and knowledge of the following is preferred: VBScript, C#, C++, Python, .Net

  • Endpoint Security technology (e.g. Carbon Black Enterprise Protection, Carbon Black Enterprise Response, Symantec, McAfee, Forefront)

  • Windows operating system internals (registry, APIs, kernel operations, forensic artifacts)

  • Windows development for both user mode and kernel applications using Visual Studio, C, C++, or C#

  • Windows Management (e.g. WSUS, SCCM, SCOM, Active Directory, Group Policy Objects)

  • Vulnerability Management (e.g. Nexpose, Tenable Nessus, Qualys)

  • Penetration Testing Tools (e.g. Metasploit, Backtrack, Kali, CobaltStrike) and offensive techniques

  • Ability to translate descriptions of attacks or malware techniques into proof of concept demonstrations for testing and product improvement.

  • Experience with building and/or managing large scale virtualized attack “firing ranges” a plus

 

What You’ll Bring

  • Understanding of exploits and attacks against Windows, Linux and OSX systems.

  • Windows system internals experience

  • Knowledge of x86 and x64 instruction set architectures

  • Knowledge of user and kernel level debuggers and static analysis applications such as WinDbg, OllyDbg, x64dbg, Binary Ninja, or IDA Pro

  • Understanding of how to discover, analyze, and exploit technical vulnerabilities

  • Understanding defensive capabilities and how attackers bypass them

  • Understanding of anti-analysis techniques and how to work around them

  • Experience creating and/or developing analysis environments

  • Ability to analyze malware, determine TTPs (tactics, techniques, and procedures) unique to threat actors, and extract indicators to feed back into the products

  • Understanding the threat landscape and latest attack techniques

  • Strong analytical skills to define risk, identify potential threats, and develop an action/mitigation plan. An ability to communicate these concepts to technical and non-technical audiences

  • Strong interpersonal skills, ability to mentor/train staff and bring awareness to current and emerging threats

  • Certifications preferred: CISSP, OSCP/OSCE, SANS GIAC Certifications (GREM, GCFA, GCFE)

  • Strong written and verbal communication skills with an ability to present technical risks and issues to non-technical audiences

  • Experience publishing or presenting research on security-related topics to the public

Why you should join us

Carbon Black is a leader in endpoint security dedicated to keeping the world safe from cyberattacks. With more than 5,000 customers—including 34 of the Fortune 100—the opportunities here are massive and exciting.