Senior Security Researcher - London.

This job does not exist anymore.

Try running a new search or browse our vacancies.

Or fill in the form below to receive job alerts.

2018-08-10 15:27:311970-01-01Delta Search Consulting
Job Type Permanent Full Time
Location London
Area London, UK London
Sector Information Security - Penetration Testing; Ethical Hacking; Reverse Engineering.Information Security - Threat and Vulnerability Research.Information Security - Network; Application and Mobile Security.
Salary £Highly Competitive Basic Salary and Excellent Package
Start Date ASAP
Advertiser Will
Telephone 020 3621 2135 / 07377 677 039
Job Ref WSDS100818
Job Views 135
Senior Security Researcher – London.

Established Internet Security and Privacy Business founded by renowned Computer Scientists. Formed by performance orientated industry pioneers, committed to innovate intelligence as to manner in which Internet interoperability works. Improved, faster Internet experience, enabling appropriate means of assistance for content creators.

The opportunity to take on Senior Security Researcher position within the existing high calibre technical Team  conducting new, ground-breaking Research. Emphasis upon Malware Detection and building Cloud-based Detection pipelines. A taste of things to come.

Knowledge and Experience to include:
  • Malware variations,malicious software infecting PCs / networks. Exploiting; hijacking system vulnerabilities: software bugs (browser / web app plugin); app areas; focus. Ransomware file encryption / extended network (DMA Locker, Windows). RaaS enabling malware licensing to execute attack.
  • Worms infecting machine, cloning PCs, e.g. email attachment. Botnets: compromised devices: mobiles / PCs – zombies: system infection, DDoS. NgrBot: propagated via chat messengers / social networking. Social engineering techniques: malware turning machine into zombie, preventing updates, exposing login credentials / sensitive information. SE attacks. VB script overwriting multiple file types.
  • Trojans carrying dangerous payload. Non-replicating, packaged. Backdoors; rootkits; ransomware; spyware, e.g Tinba, executed via RIG exploit kit. Software vulnerability overlaying spoofed screen requesting information. Deep RIG analysis: exploit kit: web technologies: DoSWF, JavaScript, Flash, VBscript to obfuscate attacks.
  • RIG exploit, follow-up to Angler; Neutrino; Nuclear increasing threat level. New research into potent EK to neutralize RIG EK threat. Routes to prevent infection rates; adversaries bypassing Security software and device. Nature of exploit kit: gate redirecting to exploit kit; combining web technologies, e.g. DoSWF, JavaScript; Flash; VBscript to obfuscate attack.
  • Attacks changing transmitted file encoding and encryption. RIG dissection: script appearing different per launched attack sessions. Detection other than string matches / hash values. Malware file delivery: same file written and executed multiple times. Obfuscation and backup methods for anti-malware; stages. RIG analysis: infections through compromised websites; malicious code redirecting from gate to EK landing page.
  • Malvertising redirecting traffic to adversary’s infection chain. Funnelling to JavaScript / Flash / VBscript attack. Scripts downloading, executing same malware file exploit kit on target machine. Driving traffic to compromised website starting redirection chain. Compromised website loads malicious Flash (SWF) file. Flash file inserting iFrames into compromised site redirecting victim’s browser via iFrame to gate as web site on another server, completing checks, redirecting to exploit kit landing page, web page on another server. JavaScript variables: loading Flash (SWF) exploit; VBscript with exploit; JavaScript exploit as complex infection chain - multiple obfuscation techniques. SWF file obfuscated by commercial protection software (DoSWF): Flash SWF encryptor. Flash file creating malicious iFrames in malicious website: instant and in compromised website after Flash time out plus backup mechanism negating initial compromise if applicable.
  • JavaScript code browser vulnerabilities - iFrame redirecting to RIG exploit kit landing page, browser facing hidden embedded Javascript scripts: RIG EK landing page (VBscript). Tests on target system, (VBscript) executing DoMagic() function, downloading main campaign malware payload: ransomware, URL stored in script. Script on RIG EK landing page: comment insertion, e.g. /*sw7586sdd*/ between JavaScript code. Comments changed per session - Base64 encoded blob appears different each time. Executing malicious Flash (SWF) file, obfuscated by DoSWF Flash tool. Code de-obfuscation, shellcode runtime payload decoded and SWF stored strings, executed by exploit. Remaining RIG exploit JavaScript file landing page - CVE-2013-2551 (MS13-037) to download, infecting victim. MS13-037: vulnerability exploiting IE integer overflow vulnerability. Vulnerability in handling of dashstyle.array length for vml shapes - vgx.dll module. Exploit built and tested: Win 7 SP1, IE 8 as per MS13-037. Code driving victims to URL to download EK malware. Payloads: ransomware, e.g. CRYPTFILE2 – Locky, CryptXXX; Trojans (Gamarue; Gootkit); broken executables. Protecting against RIG disabling all unnecessary browser plugins. Browser patching and updating with Flash plugins.
  • Cloud Malware evading network detection. Prepared, customizable software. Rootkits accessing sensitive app parts, enabling system config file execution / modification, subverting anti-malware software detection, providing access to install malware. Flame, utilised in cyberespionage attacks: screenshots; keystrokes; monitoring network traffic. Backdoors negating system access authentication - webserver / database. Install: part of targeted assault. Social engineering: gain login credentials; access app. Avoiding detection to set up control centre: remote malware update; system command initiation. Malicious activities - data theft: DDoS, infecting visitors’ computers / executing APT attack. Located in IoT devices - Wi-Fi cameras. Post- compromise, infected IoT device as backdoor providing network gateway.
  • Malware-laden Adware infecting system (compromised website) - browser vulnerability. Spyware gathering data sent to third-party without consent. Keylogger: spyware tracking keyboard entries sending data, including login credentials, to perpetrator.
  • Malware Detection / Removal: Services preventing Malware install, identifying web app server infections. WAF deployed at network’s edge, Cloud PCI DSS compliant utilising signature, behavioural and reputational analysis to block malware injection attacks on websites / web apps. Backdoor Protect: service intercepting communication attempts with web server backdoor shells. Tracing requests pinpointing obfuscated malware, even if installed prior to on boarding Cloud security services. Login Protection, eg. flexible two-factor authentication (2FA) solution requiring zero integration. Instantly deployable upon cloud-protected URL addresses. Service preventing perpetrators from using stolen login credentials to obtain network access and install rootkits and backdoors on web servers.
Ideally, individual educated to Ph.D. level. Excellent basic salary and package available for a suitable applicant.
Sector Clear
Area Clear
Job Type Clear
Salary Clear
Sign in
Similar Jobs
  • Principle Security Consultant - Remote
    UK, Home Counties
    Penetration Testing; Ethical Hacking; Reverse Engineering.
    c£100K Basic Salary

      Principle Security Consultant - Remote.   Highly technical individual to join existing, rapidly growing Technical Team at Principle Security Consultant grade.   Organisation renowned for conducting work of critical significance, instigating change. An organisa...
  • Technical Security Consultant - South-East.
    UK, London
    Penetration Testing; Ethical Hacking; Reverse Engineering.
    To £55,000 plus Excellent Package

      Technical Security Consultant – South-East.   A position has arisen for an experienced Security Consultant to join the existing Technical Team within this established, accredited central London based Cyber organisation with an enviable Client base across multiple ind...
  • Security Solutions Architect - Germany
    EMEA, Germany
    Penetration Testing; Ethical Hacking; Reverse Engineering.
    £100K+ Plus Superb Package Plus Paid Relocation

      Security Solutions Architect – Germany - £Superb + Excellent Benefits package + Paid Relocation.    Within this global, market leading organization, key R&D Team activities include advanced technical research; architectural design evolution; strategic ...
Email Me Jobs Like This
Subscribed to similar jobs notifications


Delta Search Ltd
78 York Street

Telephone Number: 020 3621 2135


We use cookies to provide you with the best possible browsing experience on our website. You can find out more below.
Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Resolution Used to ensure the correct version of the site is displayed to your device.
Session Used to track your user session on our website.

More Details