Job Description

The OCI Threat Intelligence Center (OTIC) is responsible for the tracking and monitoring of a range of threat actors from cybercrime to Advanced Persistent Threat (APT) groups impacting OCI and its customers. The scope and responsibility of this team includes attack analysis, tracking threat actor\'s indicators of compromise (IOCs) and their tactics, techniques, and procedures (TTPs), aiding in security incident response, executive communication, and customer outreach. This particular role is about malware analysis and engineering efforts to aid in the mission of OTIC

Key Responsibilities

• Support static and dynamic analysis efforts of malicious samples and combine results of analysis with other intelligence sources to try and produce attribution.
• Produce highly-technical reports of reverse engineering efforts of malware samples
• Manage various communication streams including cross company and executive communications
• Facilitate analysis of suspicious files discovered during security incidents. Be able to articulate proper feedback and support the Detection and Response teams in their investigations.
• Keep up-to-date on geopolitical issues across the world and be able to translate them into potential and future cyber incidents involving Oracle and its ecosystem.
• Develop techniques for conducting longitudinal analysis of malware and clustering into attribution back to threat actors
• Develop and maintain procedures and runbooks specific to malware analysis at scale of a public cloud. Ingratiate into the larger Threat Intelligence community to create and maintain trust networks.

• 2-4 years of industry experience performing malware analysis and reverse engineering of a wide variety of malware samples raging from commodity samples to 0days Have analyzed malware families of at least 1-2 different APT groups across at least two different regions in the world.
• Experience with variety of samples including from Win32, Win64, ELF, iOS, and Android operating systems
• Experience in one or more of the following fields of work: National security, military, federal intelligence, law enforcement, criminology, and/or foreign areas and language
• A broad background in information security with experience in security operations, vulnerabilities and exploitation, network security, and cloud security.
• Experience with variety of tools used for analysis including IDA Pro, OllyDbg, Ghidra, etc.
• Experience performing open source research on a variety of topics
• Excellent verbal/non-verbal communication skills with proficient ability to deliver technical information to non-technical staff
• Previous Incident Response, Security Operations Center, and/or Forensic Analyst experience preferred
• Knowledge of common attack types/vectors and associated mitigations.
• Knowledge of how to use structured queries to pull data from logs and be able to formulate signatures such as ability to use YARA, Snort, Suricata, Bro/Zeek successfully
• BS or MS degree in Computer Science, Computer Engineering, Information Systems, Cyber Security, or equivalent experience
• Prior experience working on a global security team is a plus