
Reverse Engineering Malware Engineers

Analyzing Malicious Office Macros
The candidate will be able to analyze macros and scripts embedded in suspicious Microsoft Office files to understand their capabilities.

Analyzing Malicious PDFs
The candidate will be able to analyze suspicious PDFs and embedded scripts to understand the nature of the threat they might pose.

Analyzing Malicious RTF Files
The candidate will be able to analyze suspicious RTF files and embedded shellcode to understand their capabilities.

Analyzing Obfuscated Malware
The candidate will be able to identify packed Windows executables and obfuscated malicious JavaScript and unpack them to gain visibility of their key capabilities.

Behavioral Analysis Fundamentals
The candidate will be able to analyze static properties of a suspected malware sample, develop theories regarding its nature, and determine subsequent analysis steps.

Common Malware Patterns
The candidate will be able to identify common API calls used by malware and understand what capabilities the APIs offer to the malware samples. The candidate will be able to identify common techniques used by malware including code injection, hooking, and process hollowing techniques.

Core Reverse Engineering Concepts
The candidate will apply dynamic analysis techniques to examine a malware sample in a debugger and will apply static analysis techniques to interpret common assembly instructions and patterns in Windows malware using a disassembler.

Identifying and Bypassing Anti-Analysis Techniques
The candidate will be able to identify and bypass common debugger detection and data protection measures used in malware, including the detection of security tools.

Malware Analysis Fundamentals
The candidate will be able to describe key methods for analyzing malicious software and identify the needs of a malware analysis lab.

Malware Flow Control and Structures
The candidate will be able to analyze common execution flow control mechanisms, such as loops and conditional statements, in assembly language.

Overcoming Misdirection Techniques
The candidate will be able to overcome misdirecting execution workflow as an anti-analysis technique used in malware.

Reversing Functions in Assembly
The candidate will be able to analyze malware functions in assembly language to understand use of parameters, return values and other structural elements.

Static Analysis Fundamentals
The candidate will be able to analyze static properties of a suspected malware sample, develop theories regarding its nature, and determine subsequent analysis steps.

Unpacking and Debugging Packed Malware
The candidate will demonstrate the process for unpacking malware using a debugger and repairing the unpacked malware for further analysis.

SIEM Engineer Securonix Experience
The focus for the SIEM Engineer is the management, administration, and ownership of Securonix. The scope will vary from creating and modifying use-cases to updating the Securonix Advanced Analytics, Data Lake, and Cloud Archive. The SIEM Engineer works closely with the Customer Success Manager and Security Operations Center (THE CYBER DEFENSE CENTRE) to provide support and assistance to the client. The SIEM Engineer will have excellent working relationships with other HG team members and the client.

The SIEM Engineer is responsible for working with Infostream Cyber Defence Centre and its Managed Security clients at multiple levels in order to identify and align business and IT security objectives, discover security or operational pain points, offer recommendations, implement solutions, and recognize current and future IT security needs.

Key Responsibilities

  • Add/Modify/Archive log sources
  • Ability to explain and document alert use-cases for all relevant components (alarms, watchlists, reporting, and correlating data from multiple dissimilar log sources)
  • Fulfill Senior Customer Success Manager (CEM) or client requested tasks
  • Schedule and run regular technical change requests (i.e. alert modifications, IOC updates, security patches, major and minor software releases)
  • Tune/Enhance existing alert framework and client custom framework
  • Work closely with Endpoint and Perimeter leads to improve proactive defense posture
  • Work closely with the CEM to improve THE CYBER DEFENSE CENTRE alerting
  • Provide overall guidance, instruction, and leadership to THE CYBER DEFENSE CENTRE analysts
  • Provide mentorship and guidance to THE CYBER DEFENSE CENTRE analysts regarding technologies and alerts
  • Engage in knowledge sharing with other team members
  • Provide major/minor component infrastructure support
  • Conduct Health Checks for Securonix
  • Triage THE CYBER DEFENSE CENTRE alert influxes, enterprise failures and reconfigurations
  • Open and follow-up on service requests with 3rd party vendors
  • Maintain current knowledge on industry issues/trends and competitive SIEM products
  • Maintain and expand working knowledge of current managed technologies
  • Improve technical understanding of all managed technologies
  • Communicate effectively orally and in writing, and establish a cooperative working relationship with persons contacted while performing assigned duties

Education and Skills

  • University Degree in Information Security or relevant security up-to-date certificates and/or equivalent work experience (CISSP, GIAC and others)
  • Holds certifications of security technologies or SIEM technologies
  • Minimum 5 years’ experience in IT security field
  • Strong understanding of IT Security concepts, best practices, and market direction
  • Experience with CYBER DEFENSE CENTRE operations
  • Possess knowledge of the MITRE ATT&CK Framework
  • Ability to create and implement custom parsers
  • Candidate will be proactive, driven, and expected to carry tasks to resolution
  • Strong troubleshooting, reasoning, and problem-solving skills
  • Strong knowledge of TCP/IP protocols and the ability to analyze network traffic
  • Excellent communications skills
  • Exceptional Time Management and organizational skills

Benefits of working at Infostream:

  • We believe in innovation and vibrant culture – work for an innovative, people-first, Digital Transformation Solutions company that values entrepreneurialism
  • Pay for Performance – excellent base salary and extensive performance bonuses
  • We believe in a flexible work structure – A flexible hybrid work model that empowers you to do your best work whether at home or at the office
  • We care about your rewards – Competitive compensation including equity programs
  • We care about your health – comprehensive group health and dental benefits and life insurance, including a Lifestyle Spending Account for all your wellness needs
  • We care about your rest – a flexible paid-time-off policy with unlimited vacation days, flexible sick and mental health days
  • We care about your development – constant industry training and certifications
  • We care about your labs – intense labs to sandbox, train with peers and vendors
  • Dental care
  • Employee assistance program
  • Extended health care
  • RRSP match
  • Vision care

In order to apply, please e-mail your resume and cover letter to careers@infostream.com with the Position Title and your full name in the subject line.

Careers

Be part of our growing team

The most rewarding aspect of being part of Infostream? Simple: the people. We are a group of inquisitive, intelligent individuals, driven by a shared pursuit of purpose in our work. Our collective effort is dedicated to crafting solutions that propel organizations forward, and the joy lies in the collaborative process that binds us together.
