Address
Form of work
SalaryJob Posting Title:
Senior Threat Intelligence / Malware Analyst -
Hiring Department:
Information Security Office -
Position Open To:
All Applicants -
Weekly Scheduled Hours:
40 -
FLSA Status:
Exempt -
Earliest Start Date:
Immediately -
Position Duration:
Expected to Continue -
Location:
UT MAIN CAMPUS -
Job Details:
General Notes
Remote work allowed. Remote work for individuals who reside outside Texas but within the United States and its territories will be considered and requires Central Office approval.
So.. Do you like doing long handstands throughout the day to get those creative juices flowing? Do you keep a statistics book handy just in case? Do you think one day you might retire and become a professional poker player? Do you find this joke funny: A squirrel walks up to a tree and says “I forgot to store nuts for the winter and now I am dead”? Do you sometimes lie awake at night wondering how to make the flux capacitor work for reals? Me neither, but if you are still reading, you might be a good fit for our team.
In this role, you will help the Threat Detection and Response (TDR) team, within the UT Information Security Office, to analyze threats and associated data and malware to improve related defenses and automated responses to help the University of Texas at Austin manage risks, defend against attacks, and deploy services to assist and secure entities all over the planet (e.g., across the wider University of Texas System and other education institutions across the planet).
So.. Do you like doing long handstands throughout the day to get those creative juices flowing? Do you keep a statistics book handy just in case? Do you think one day you might retire and become a professional poker player? Do you find this joke funny: A squirrel walks up to a tree and says “I forgot to store nuts for the winter and now I am dead”? Do you sometimes lie awake at night wondering how to make the flux capacitor work for reals? Me neither, but if you are still reading, you might be a good fit for our team.
In this role, you will help the Threat Detection and Response (TDR) team, within the UT Information Security Office, to analyze threats and associated data and malware to improve related defenses and automated responses to help the University of Texas at Austin manage risks, defend against attacks, and deploy services to assist and secure entities all over the planet (e.g., across the wider University of Texas System and other education institutions across the planet).
You will also have fun and you might even be warmed by your impact and ability to help others unless you are a cyborg, in which case your AI should have directed you to our other posting.
The threat landscape we operate in requires a team to respond appropriately; therefore, please apply even if you are unsure if your experience is relevant. The most important ingredients for success on this team are a strong ability to think creatively about problems, very strong communication skills, and a passion to learn and share knowledge.
You will get to work on large services and will have a chance to directly see the positive impact they have across the state, the country and even across the planet. You will get an opportunity to contribute to product development and roadmap with your unique perspective and ideas.
You will get to work with a very intelligent and dedicated team to address enterprise cybersecurity challenges through novel approaches in an office that highly values work-life balance, the freedom to explore out of the box ideas, and serving others.
Most importantly, you will help take our tools and ideas to the next level. What starts here changes the world!
Your skills will make a difference.
You’ll be working for a university that is internationally recognized for our academic programs and research. Your work will contribute to operational excellence and enhance the student experience. If you’re the type of person that wants to know your work has meaning and impact, you’ll like working in our department and for UT Austin. UT Austin provides an outstanding benefits package including but not limited to:
- Competitive health benefits (employee premiums covered at 100%, family premiums at 50%)
- Voluntary Vision, Dental, Life, and Disability insurance options
- Generous paid vacation, sick time, and holidays
- Teachers Retirement System of Texas, a defined benefit retirement plan, with employer matching funds
- Additional Voluntary Retirement Programs: Tax Sheltered Annuity 403(b) and a Deferred Compensation program 457(b)
- Flexible spending account options for medical and childcare expenses
- Robust free training access through LinkedIn Learning plus professional conference opportunities
- Tuition Assistance
- Expansive employee discount program including athletic tickets
- Free access to UT Austin's libraries and museums with staff ID card
- Free rides on all UT Shuttle and Austin CapMetro buses with staff ID card
- For more details, please see: https://hr.utexas.edu/prospective/benefitsandhttps://hr.utexas.edu/current/services/my-total-rewards.
This position requires you to maintain Internet service and a mobile phone with voice and data plans to be used when required for work.
Must be authorized to work in the United States on a full-time basis for any employer without sponsorship.
Purpose
This position works with Threat Detection and Response (TDR) team, within the UT Information Security Office, to analyze threats and associated data and malware to improve related defenses and automated responses to help the University of Texas at Austin manage risks, defend against attacks, and deploy services to assist and secure our customer entities across the state and beyond.
Responsibilities
- Conduct in-depth malware reverse engineering, including the analysis of malware samples, understanding their functionality, and identifying their purpose
- Utilize various tools and techniques, such as static and dynamic analysis, debugging, and disassembly, to analyze and dissect complex malware samples
- Develop custom scripts and tools to automate and streamline the reverse engineering process
- Identify and understand the techniques used by advanced threat actors, including zero-day vulnerabilities, exploit development, and advanced persistent threats.
- Collaborate with the TDR team to develop and implement countermeasures, such as intrusion detection system (IDS) rules, Zeek scripts, Yara rules, and mitigation strategies
- Maintain up-to-date knowledge of the latest malware threats, vulnerabilities, and industry trends, sharing relevant information with the TDR team
- Better yourself and look for opportunities around the office to improve operations through collaboration and knowledge sharing.
- Other related functions as assigned.
Required Qualifications
- U.S. Citizen, resident, or officially recognized asylee - Applicant selected will be subject to government security investigation and must meet eligibility requirements for access to classified information at the level appropriate to the project requirements of the position.
- Minimum of 5 years of experience in malware reverse engineering, with a strong focus on advanced threats, sophisticated malware, and post exploitation tools
- Strong analytical skills involving Zeek, Snort, Suricata, Wireshark and tcpdump
- Strong familiarity with reverse engineering tools and techniques, including IDA Pro, Ghidra, OllyDbg, and x64dbg
- Strong familiarity with writing Zeek, Snort, Suricata rules or scripts
- Strong synchronous and asynchronous communication skills.
- Strong proficiency in programming languages such as C, C++, Python, and Assembly
- Strong understanding of operating systems, networking protocols, and software exploitation techniques
- Self-motivated to learn and share knowledge.
Relevant education and experience may be substituted as appropriate.
Preferred Qualifications
- Experience with relational / non-relational datastores.
- Experience with Splunk
- Experience successfully working in a remote and/or hybrid work environments.
Salary Range
$130,000 + depending on qualifications
Working Conditions
- May work around standard office conditions
- Repetitive use of a keyboard at a workstation
- This position provides life/work balance with typically a 40-hour work week. Flexible work arrangements are available for this position.
Required Materials
- Resume/CV
- 3 work references with their contact information; at least one reference should be from a supervisor
- Letter of interest
Important for applicants who are NOT current university employees or contingent workers: You will be prompted to submit your resume the first time you apply, then you will be provided an option to upload a new Resume for subsequent applications. Any additional Required Materials (letter of interest, references, etc.) will be uploaded in the Application Questions section; you will be able to multi-select additional files. Before submitting your online job application, ensure that ALL Required Materials have been uploaded. Once your job application has been submitted, you cannot make changes.
Important for Current university employees and contingent workers: As a current university employee or contingent worker, you MUST apply within Workday by searching for Find UT Jobs. If you are a current University employee, log-in to Workday, navigate to your Worker Profile, click the Career link in the left hand navigation menu and then update the sections in your Professional Profile before you apply. This information will be pulled in to your application. The application is one page and you will be prompted to upload your resume. In addition, you must respond to the application questions presented to upload any additional Required Materials (letter of interest, references, etc.) that were noted above.
#LI-Remote
#LI-Remote
-
Employment Eligibility:
Regular staff who have been employed in their current position for the last six continuous months are eligible for openings being recruited for through University-Wide or Open Recruiting, to include both promotional opportunities and lateral transfers. Staff who are promotion/transfer eligible may apply for positions without supervisor approval. -
Retirement Plan Eligibility:
The retirement plan for this position is Teacher Retirement System of Texas (TRS), subject to the position being at least 20 hours per week and at least 135 days in length. -
Background Checks:
A criminal history background check will be required for finalist(s) under consideration for this position.
-
Equal Opportunity Employer:
The University of Texas at Austin, as an
equal opportunity/affirmative action employer
, complies with all applicable federal and state laws regarding nondiscrimination and affirmative action. The University is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, or veteran status in employment, educational programs and activities, and admissions. -
Pay Transparency:
The University of Texas at Austin will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.
-
Employment Eligibility Verification:
If hired, you will be required to complete the federal Employment Eligibility Verification I-9 form. You will be required to present acceptable and original
documents
to prove your identity and authorization to work in the United States. Documents need to be presented no later than the third day of employment. Failure to do so will result in loss of employment at the university. -
E-Verify:
The University of Texas at Austin use E-Verify to check the work authorization of all new hires effective May 2015. The university’s company ID number for purposes of E-Verify is 854197. For more information about E-Verify, please see the following:
- E-Verify Poster (English)[PDF]
- E-Verify Poster (Spanish)[PDF]
- Right To Work Poster (English)[PDF]
- Right To Work Poster (Spanish)[PDF]
-
Compliance:
Employees may be required to report violations of law under Title IX and the Jeanne Clery Disclosure of Campus Security Policy and Crime Statistics Act (Clery Act). If this position is identified a Campus Security Authority (Clery Act), you will be notified and provided resources for reporting. Responsible employees under Title IX are defined and outlined in
HOP-3031
. The Clery Act requires all prospective employees be notified of the availability of the Annual Security and Fire Safety report. You may
access the most recent report here
or obtain a copy at University Compliance Services, 1616 Guadalupe Street, UTA 2.206, Austin, Texas 78701.
