Senior Principal Threat Researcher

Who Are We? 
We’re not just a company; we’re a global force. Fiercely committed to ensuring that everyone, everywhere, can live their lives digitally safe. Our family of brands – Norton, Avast, LifeLock, Avira, AVG, ReputationDefender and CCleaner – unite the brightest minds, the sharpest tech and the most diverse thinking to protect over 500 million people. And we’ve built an inclusive workplace, where your well-being is a priority because true success comes from a place of balance and authenticity. When you're thriving, you’re unstoppable. So, bring us your bold ideas and passion that refuses to quit. The digital world isn’t some distant reality – it's the world we live in, and we’re ready for it. If you’re ready to push boundaries and be part of something bigger, join #TeamGen.
How We Work?

We're seeking a skilled Malware Researcher with a passion for cybersecurity and a knack for thwarting threats targeting everyday users. In this role, you'll leverage advanced techniques, tools, and methodologies to identify and neutralize active scam campaigns, phishing attempts, and various forms of malware, both file-based and file-less. You'll play a critical role in staying ahead of emerging threats, ensuring our defenses are robust and effective in safeguarding individuals' digital lives. 

Mission and Goals:

• Conduct threat hunting and in-depth analysis to uncover emerging threats. 

• Develop detection routines to effectively identify and block analyzed threats. 

• Perform unpacking and deobfuscation of newly discovered malware. 

• Design and implement heuristic approaches to enhance threat detection capabilities. 

• Share insights and contribute to the cybersecurity community through talks, blogs, and other channels. 

Objectives:

• Proficiency in x86/x64 assembler, debugging tools, and decompilers (e.g., OllyDbg, IDA Pro, Ghidra). 

• Strong understanding of Windows Internals. 

• Experience in reverse engineering. 

• Excellent English communication skills. 

• Enthusiasm, self-motivation, and a commitment to continuous learning. 

• Familiarity with keywords such as bytecode, base64, RC4, Unescape, DocumentWrite, CVE, MZ, PE, rootkit, emulation, memory dump, WinAPI, sandbox, CAFEBABE, ELF, /etc/hosts, FEEDFACE, honeypot, and botnet. 

• Knowledge of YARA. 

• Proficiency in JavaScript analysis and HTML.

Nice To Have:

• Understanding of PDF, OLE, and other common non-PE file formats. 

• Thorough knowledge of ELF, Mach-O, and Fat-O formats. 

• Experience with continuous deployment practices. 

• Familiarity with virtual environments/containers. 

• Understanding of typical malware methodologies and behavior. 

• Experience with kernel-mode code, including rootkits. 

• Proficiency in manual removal of malware and unwanted apps across Windows, Android, and Mac platforms. 

• Knowledge of Python. 

What We Can Offer:

• Annual bonus scheme.

• Unlimited PTO (paid time off), flexible working hours.

• The chance to join a major global tech company listed on the S&P 500.

• Opportunity to learn and work with the best in the Digital Security industry.

• Cafeteria points are provided by Benefit Plus (meal plan, pension insurance, travel, free time activities, multisport card, and much more).

• Tuition reimbursement for job-related courses.

• Learning & Development plan.

• Sustainable home improvement bonus.

#LI-VP1