Sign in

Malware Prevention Reverse Engineer – Cyber Security Defense

Job description
The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat.
The Malware Prevention Team’s aim is to reduce risk across our client’s by using existing or establishing robust cyber-hacking and malicious code containment activities for the security, safeguarding, continuity and confidentiality of information of our client They are looking for an advanced-level analyst that has experience with threat actor tracking, malware analysis, and reverse engineering of malware. They will be part of a Malware Prevention sub-team team that focuses on malware research and analysis.

Responsibilities include, but are not limited to:
• In-depth analysis of malware, including authoring analysis reports.
• Tracking malware campaigns, malicious actors, and related infrastructure.
• Creation of tools and scripts to assist in the analysis of malware analysis.
• Field escalations of potentially malicious files and websites from teams within Malware Prevention.

Required Skills:

  • Strong direct experience of analyzing malware
  • Intermediate to advanced malware analysis skills
  • Intermediate to advanced experience reverse engineering tools such as IDA Pro, x64dgb, OllyDbg, Immunity Debugger and/or Ghidra
  • Intermediate to advanced experience reverse engineering malware code written in C, C++, VisualBasic, Java, .NET, Delphi, JavaScript, and VBScript.
  • Solid background in C++ programming and Win32 API’s
  • Experience creating malware analysis tools and scripts for use in tasks such accelerating malware analysis, unpacking malware, and extracting data (ex – configuration extraction)
  • Experience building and maintain scripts to emulate malware and parse c2 response traffic is a plus
  • Experience in encryption/obfuscation and how to reverse it is desired
  • Can create innovative ways to track progression of malware families, infrastructure and campaigns conducted by ecrime, and cyber espionage actors
  • Experience with penetration testing and/or adversary emulation is a plus.
  • Background in network traffic analysis.
  • Knowledge of networking protocols: TCP/IP, HTTP/HTTPs, FTP, IRC etc
  • GCIH, GREM, GCFA or CISSP is desired, but not required
  • Able to work independently on tasks, but also work well within a team environment

CYBERSECURITY SERVICES PRODUCT MANAGER

Position Overview:

As an REMOTE OT Cybersecurity Services Product Manager, you will be responsible for developing innovative class leading Cybersecurity service offerings & solutions in the US market.

In this role you will and your foundation of work should reflect that you have:

  • Develop and maintain a best-in-class OT cybersecurity services and solutions portfolio that provides customers with a one stop shop to understand and mitigate their cybersecurity risk.
  • Engage with clients in strategic discussions to provide best in class Cybersecurity / OT Strategy and industry guidance to maximize client’s long-term business objectives.
  • Identify new areas of growth. Develop strategic partnerships with other Service Providers (IT/OT), Technology providers, Engineering/Consulting firms to enable mutual growth
  • Develop and maintain contact with top decision makers at key clients; Organize and lead pursuit teams; Participate and lead aspects of the proposal development process; contribute to the development of proposal pricing strategies.
  • Develop a strong pipeline of opportunities to support product line growth objectives. Lead client-facing management OT Security Strategy and Planning sessions and formal proposal presentations.
  • Collaborate with internal/external sales teams and educate, empower the teams to capture Cybersecurity services opportunities at end customers
  • Act as a brand ambassador for Cybersecurity services. Represent  at Tradeshows, Conferences & other industry specific meetings. Provide guidance to internal commercial teams as a Subject Matter Expert.
  • Create and execute Go To Market Strategy. Enable go to market strategies around Operation Security, Data Privacy, OT Compliance, OT Risk and Data Governance.
  • Collaborate with marketing to implement multi-channel marketing campaigns for the acquisition and retention of customers. Create sales enablement materials and deliver sales enablement training.
  • Contribute to problem-solving sessions with the project team, consulting team, and client representatives on a regular basis.
  • When necessary, serve as the escalation point between Cybersecurity Service groups working with clients to ensure the tools and service offerings address the needs of client requirements.

	

Cyber Security Operations Manager

The Cyber Security Operations Manager is the operational business-facing representative of the Cyber Security group, covering both the internal enterprise as well as the external client-facing presence.

Mission:

The Cyber Security Operations Manager is responsible for conducting all Cyber Security operations tasks. This includes the operational aspects of responding to incidents, the day-to-day management of the operations group
including the global SOC’s, Cyber Security Awareness team, Threat/Intelligence team, and the eForensics and eDiscovery team. Primary responsibility for “Detect” and “Respond” pillars of the NIST Cyber Security Framework and
manages the engineering and tooling requirements for both.

Relationships:

Reports to Chief Information Security Officer. Manages the Global SOC team, eForensics/eDiscovery team, Threat / Intelligence team, and the Global Cyber Security Awareness team. The Cyber Security Operations Manager is expected to be able to represent the CISO when required to executive management.

Main Responsibilities:

  • Set priorities for the “Detect” and “Respond” pillars of the NIST Cyber Security Framework
  • Lead the response to Cyber Security Incidents, reporting to both the CISO, CIO, and Executive leadership as required.
  • Set the enterprise-wide Operation Cyber Security strategy, contributing to the overall Cyber Security Strategy.
  • Manage, maintain, and own the Cyber Security Response Plan and associated playbooks for incident response.
  • Maintain and deliver the external, client-facing message for the Cyber Security group; represent the company in public
    forums while delivering the Cyber Security message.
  • Act as the primary interface with US government Cyber Security groups and agencies. (CISA, FBI, NSA)
  • Act as the secondary interface with global government Cyber Security groups and agencies.
  • Help enforce local and regional regulatory requirements.
  • Provide security awareness to management at their level and above.
  • Offer feedback on business reality versus security policies, procedures, and associated plans. Offer feedback on gap
    analysis versus business needs.
  • Execute corporate security bulletins.
  • Review exemptions to security policies and standards.
  • Review security assessment and GAP analysis for security controls and compliance.
  • Manage and prioritize engineering initiatives and projects for Cyber Security Operations Group.
Business:
  • Work closely with client’s product owners and the various business functions (IT, QHSE, Supply Chain, HR, etc.) to ensure that appropriate systems security practices are in place.
  • Maintain and Report on the Threat landscape of the company, and manage the intelligence assets appropriately.
  • Actively promote security as an enabler to client’s business and propose solutions to balance between the business needs and security requirements.
  • Conduct tours / deliver the Cyber Security message to both internal leadership and external clients and partners.

Governance:

  • Review and advise on CyberSecurity standards.
  • Provide Operational Feedback reflecting business needs back into the CyberSecurity Governance organization.
  • Contribute to meetings held with CyberSecurity product vendors held in your area of responsibility.
  • Deep working knowledge of the NIST Cyber Security Framework.

Strategy, Research, and Development:

  • Be familiar with client’s technology, organization, business policies, and IT strategy.
  • Maintain constant vigilance over all ongoing IT projects in assigned Area.
  • Keep abreast of the latest technologies and best practices relevant to the world of CyberSecurity covering both IT and OT.
  • Define pilot projects and evaluations of technologies that can improve Schlumberger’s security infrastructure.

an ONSITE gig (8:00am to 5:00pm)