McAfee's Network Security Platform (NSP) is an intelligent IPS solution that discovers and blocks sophisticated threats in the network. Using multiple, advanced signature-less detection techniques such as Advanced Threat Defense, real-time emulation, and endpoint integration, it moves beyond mere pattern matching to offer advanced network intrusion detection that defends against unknown stealthy attacks with extreme accuracy. The next-generation hardware platform scales to speeds of over 40 Gbps, ensuring performance is available to meet the needs of demanding networks. The NSP product has been ranked in Gartner's Leaders Quadrant for eight consecutive years.
Specific responsibilities/functions will include, but are not limited to:
• Perform malware analysis through reverse engineering and guarantee reliable analysis reports, signature suggestions, blog write-ups, threat forecasts, and marketing whitepapers.
• Research and develop behavioral heuristics for generic detection of unknown and/or zero-day bots, including spam bots, IRC bots, DoS bots, fake-SSL bots, and ransomware.
• Analyze advanced malware bot samples through a combination of static and dynamic reverse-engineering approaches. Decode Command and Control communication protocols.
• Research and develop reliable analysis reports and signature suggestions for activity of specific known bot Command and Control traffic.
• Work effectively with other members of the team and other functions of the organization to meet goals.
• Present innovations and research intelligence at conferences.
• Customer-focused security research initiatives.
• Manage security incidents and escalation events.
Experience, Knowledge and Skills required for the role
• BTech/BE/MCA in Computer Science with 4+ years of work experience
• Experience in IDA or equivalent disassembly tools
• Experience in malicious code analysis and reverse engineering
• In-depth insight on operating systems, including Windows platforms in both user and kernel modes
• Static and dynamic reverse engineering of malware bots, such as Stuxnet, Conficker, Aurora, or Storm
• Malware analysis and reverse engineering tools such as Wireshark, tcpdump, OllyDbg, WinDbg, or IDA Pro
• Proficient with one of the scripting languages such as Perl, Python, or Bash
• Good understanding of databases including MySQL
• Good networking background, familiar with TCP/IP protocol stack, and experience with network security
• Should have excellent troubleshooting, analytical and problem solving skills.
• Ability to multi-task and stay organized in a dynamic work environment.
• Ability to communicate and work effectively with teams across products, functions and locations to deliver tasks/projects on time and meet goals.