Malware Researcher

The Role:

Halcyon’s goal is to deliver an anti-ransomware solution that breaks new ground as to what a security product can deliver. Aligned with this goal, Halcyon is looking for a Malware Researcher focused on ransomware analysis. In this role, you will analyze ransomware on Windows and Linux systems, develop YARA rules, and create tools to automate malware analysis. You will also develop decryptors to recover data from ransomware attacks. Your work will enhance our detection strategies and provide strong protection for our customers.

Responsibilities:

• Conduct in-depth analysis of Windows and Linux malware samples, with a particular focus on ransomware. This includes static and dynamic analysis to understand the behavior, mechanisms, and objectives of the malware.

• Create comprehensive reports detailing ransomware analysis findings, including encryption methods, identification of encryption flaws, ransom note patterns, indicators of compromise (IOCs), and recommended decryption or mitigation strategies.

• Design and develop decryptors for ransomware, leveraging discovered encryption flaws to assist in data recovery efforts.

• Develop and maintain YARA rules to identify and classify malware samples.

• Design and develop tools to automate malware analysis tasks, streamline workflows, and enhance overall efficiency in malware research activities.

• Provide expert support to other teams within the organization, answering malware-related queries.

Skills and Qualifications:

• Strong experience in analyzing both Windows and Linux malware, with a deep understanding of ransomware behaviors, encryption algorithms, and common evasion techniques.

• Proficiency in using tools such as IDA Pro, Ghidra, Binary Ninja, x64dbg, WinDbg and GDB.

• Proficiency in writing and optimizing YARA rules to detect and classify malware effectively.

• Solid programming skills in languages such as Python, C, or C++, with the ability to develop tools and scripts to automate analysis tasks.

• Familiarity with threat intelligence platforms (VirusTotal, MalwareBazaar, Any.Run, etc), and the ability to correlate malware findings with broader threat landscapes.

• Excellent technical writing skills to document analysis findings clearly and concisely.

Bonus Skills and Qualifications:

• Experience in Rust programming.

• Experience in designing and developing decryptors for ransomware, including the ability to exploit encryption flaws and recover data.

• Experience in applying machine learning techniques and feature engineering to malware classification and detection.

• Experience in writing technical blog posts and delivering presentations at conferences on topics related to malware research.

Benefits:

 Halcyon offers the following benefits to eligible employees:

• Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.

• 401k plan with a generous employer contribution.

• Short and long-term disability coverage, basic life and AD&D insurance plans.

• Medical and dependent care FSA options.

• Flexible PTO policy.

• Parental leave.

• Generous equity offering.

The Company reserves the right to modify or change these benefits programs at any time, with or without notice.​

Base Salary Range: $90,000 - $110,000

Bonus Target: 10%