Senior Security Researcher - London.
This job does not exist anymore.
| Job Type | Permanent Full Time |
| Sector | Information Security - Penetration Testing; Ethical Hacking; Reverse Engineering. Information Security - Threat and Vulnerability Research. Information Security - Network; Application and Mobile Security. |
| Salary | Highly Competitive Basic Salary and Excellent Package |
| Telephone | 020 3621 2135 / 07377 677 039 |
Established Internet Security and Privacy Business founded by renowned Computer Scientists. Formed by performance-orientated industry pioneers, committed to innovating intelligence as to the manner in which Internet interoperability works. Improved, faster Internet experience, enabling appropriate means of assistance for content creators.
The opportunity to take on a Senior Security Researcher position within the existing high-calibre technical Team conducting new, ground-breaking Research. Emphasis upon Malware Detection and building Cloud-based Detection pipelines. A taste of things to come.
Knowledge and Experience to include:
- Malware variations, malicious software infecting PCs / networks. Exploiting; hijacking system vulnerabilities: software bugs (browser / web app plugin); app areas; focus. Ransomware file encryption / extended network (DMA Locker, Windows). RaaS enabling malware licensing to execute attack.
- Worms infecting machine, cloning PCs, e.g. email attachment. Botnets: compromised devices: mobiles / PCs – zombies: system infection, DDoS. NgrBot: propagated via chat messengers / social networking. Social engineering techniques: malware turning machine into zombie, preventing updates, exposing login credentials / sensitive information. SE attacks. VB script overwriting multiple file types.
- Attacks changing transmitted file encoding and encryption. RIG dissection: script appearing different per launched attack sessions. Detection other than string matches / hash values. Malware file delivery: same file written and executed multiple times. Obfuscation and backup methods for anti-malware; stages. RIG analysis: infections through compromised websites; malicious code redirecting from gate to EK landing page.
- Cloud Malware evading network detection. Prepared, customizable software. Rootkits accessing sensitive app parts, enabling system config file execution / modification, subverting anti-malware software detection, providing access to install malware. Flame, utilised in cyberespionage attacks: screenshots; keystrokes; monitoring network traffic. Backdoors negating system access authentication - webserver / database. Install: part of targeted assault. Social engineering: gain login credentials; access app. Avoiding detection to set up control centre: remote malware update; system command initiation. Malicious activities - data theft: DDoS, infecting visitors’ computers / executing APT attack. Located in IoT devices - Wi-Fi cameras. Post-compromise, infected IoT device as backdoor providing network gateway.
- Malware-laden Adware infecting system (compromised website) - browser vulnerability. Spyware gathering data sent to third-party without consent. Keylogger: spyware tracking keyboard entries sending data, including login credentials, to perpetrator.
- Malware Detection / Removal: Services preventing Malware install, identifying web app server infections. WAF deployed at network’s edge, Cloud PCI DSS compliant utilising signature, behavioural and reputational analysis to block malware injection attacks on websites / web apps. Backdoor Protect: service intercepting communication attempts with web server backdoor shells. Tracing requests pinpointing obfuscated malware, even if installed prior to onboarding Cloud security services. Login Protection, e.g. flexible two-factor authentication (2FA) solution requiring zero integration. Instantly deployable upon cloud-protected URL addresses. Service preventing perpetrators from using stolen login credentials to obtain network access and install rootkits and backdoors on web servers.