Staff Emulation Engineer
Alphawave Semi
PerlPythonShell Scripting
Malware Analyst
NCC Group
full-time
Posted on:
Location Type: Office
Location: London • 🇬🇧 United Kingdom
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
AssemblyDNSPythonTCP/IP
About the role
- Conduct in-depth static and dynamic analysis of new and emerging malware threats, identifying potential risks and novel attack vectors.
- Provide detailed analysis of malware samples as part of Digital Forensics and Incident Response (DFIR) investigations.
- Respond to Requests for Information (RFIs) related to malware and binary analysis from internal and external teams.
- Stay up-to-date with ongoing malware campaigns and techniques, providing insight into emerging or high-impact threats.
- Document and report on malware behaviour, techniques, tactics, and procedures (TTPs).
- Generate and share IoCs from malware analyses, leveraging the internal TIP tooling.
- Contribute to external communications through blog posts highlighting unique or significant malware findings.
- Develop and maintain tools and scripts for malware analysis, including custom configuration extractors and unpackers in the malware lab.
- Create and refine detection signatures such as YARA rules and identify network and host-based detection opportunities.
- Support the GTI team and collaborate with DFIR, detection engineering, and external partners to share intelligence and ensure detections are in place for latest threats.
Requirements
- Proven experience as a Malware Analyst, Threat Intelligence Analyst, or similar role with a focus on malware research and response.
- Strong knowledge of reverse engineering tools and techniques (IDA Pro, Ghidra, OllyDbg or similar).
- Familiarity with programming languages such as Python, C++, or assembly.
- Expertise in creating and maintaining YARA rules.
- Strong understanding of networking protocols, including TCP/IP and DNS.
- Experience providing detailed analysis as part of Digital Forensics and Incident Response (DFIR) investigations.
- Experience developing tools and scripts for malware analysis (configuration extractors, unpackers).
- Experience generating IoCs and using internal TIP tooling.
- Ability to respond to Requests for Information (RFIs) related to malware and binary analysis.
- Willingness and ability to undergo mandatory pre-employment background checks (BS7858 screening).
- Ability to collaborate with internal teams (DFIR, detection engineering) and external partners/information-sharing communities.
Benefits
- Flexible working
- Financial & Investment Pension
- Life Assurance
- Share Save Scheme
- Maternity & Paternity leave
- Community & Volunteering Programmes
- Green Car Scheme
- Cycle Scheme
- Employee Referral Program
- Lifestyle & Wellness
- Learning & Development
- Diversity & Inclusion
- Wellness programs and flexible working arrangements
- Comprehensive benefits package
ATS Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
malware analysisreverse engineeringYARA rulesPythonC++assemblynetworking protocolsTCP/IPDNSDigital Forensics and Incident Response
Soft skills
collaborationcommunicationanalytical thinkingproblem-solvingattention to detail
Certifications
BS7858 screening
