The Role:

Halcyon’s goal is to deliver an anti-ransomware solution that breaks new ground as to what a security product can deliver.  Aligned with this goal, Halcyon is searching for a security researcher to contribute to a number of strategic research initiatives to develop Halcyon’s product and services catalogue. Halcyon’s primary focus for this role is to analyze ransomware samples and threat actor tools to gain insights for future product features, threat actor insights, and assist in the validation of our current capabilities. The ideal candidate will be a proficient reverse engineer with experience in analyzing malware, have a strong understanding of cryptography used in ransomware, and the ability to develop tools to augment existing capabilities.

Responsibilities:

• Technical:

  • Reverse engineer malicious or unknown binaries to find insights and intelligence in ransomware samples and threat actor toolkits

  • Use and develop tools to bypass software protection and binary packing techniques.

  • Identify & develop proof-of-concept tools leveraging your security research background to help assist and scale threat research related tasks

  • Partner with applied researchers to enable the development of new Halcyon products and tools

  • Develop tools for the community, enabling access to our research and best practices, fostering knowledge sharing, and empowering others to conduct their own experiments and learn from our threat research methodology

• Collaboration:

  • Collaborate with partner Research and Data Science teams on projects and to bring new ideas and technology to customers

  • Cultivate global collaborations with security researchers to exchange knowledge, stay updated on emerging threats, and build partnerships with offensive security researchers to enhance our defensive capabilities and embrace cutting-edge offensive security research.

  • Share knowledge with the community through engaging presentations, blog posts, papers, and active participation on social media channels, contributing to the broader information security ecosystem.

• Communication:

  • Write high quality technical reports to enable our business to utilize the research effectively across the organization

  • Articulate technical requirements and details to both highly technical and non-technical audience

Skills and Qualifications:

• Strong capabilities in reverse-engineering Windows binaries and applications.

• Strong familiarity with Windows development practices, low level operating system concepts, and networking.

• Proficiency with development in scripting languages such as Python or Ruby.

• Proficiency with development in compiled languages such as C, C++ and/or Rust.

• Experience in auditing implementations of cryptographic algorithms to identify security issues

• A willingness to lead by example and participate actively in the workload

• Excellent English verbal and written communication and presentation skills

• Maintains a positive attitude and quickly adapts to change

• Passionate about information security

Bonus Skills and Qualifications:

• Participation in security-focused communities, open source development, and intel sharing communities is a plus.

• Proficiency with development in CUDA

• Advanced degree in a technical field (Computer Science, Electrical Engineering, Math, Physics, etc…)

• Track record of advancing offensive security research field through vulnerability discoveries, research publications, and/or developing security tools

Base Salary Range: $168,000 - $240,000

Bonus Target: 10%