Senior Security Analyst – Malware & Application Security

Relevant Experience: 5 – 6 years

About the Role

We’re looking for a Senior Security Analyst with a focus on malware analysis, application security, and software validation. You’ll be responsible for ensuring third-party applications and patches, particularly those distributed through our MDM platform, are safe, authentic, and compliant. You’ll lead efforts to validate software in sandboxed environments and build robust analysis pipelines to protect our customers proactively.

Key Responsibilities

• Lead the static and dynamic analysis of third-party software, including Windows and Linux applications, as well as patches and updates from Microsoft, Ubuntu, Debian, CentOS, GitHub, and other open-source repositories, to identify potential threats, vulnerabilities, or anomalies.
• Architect and enhance sandbox environments to simulate real-world usage for in-depth application behavior analysis.
• Develop and enforce processes for secure application validation and vetting before inclusion in our enterprise app store.
• Collaborate with engineering, product, and security operations teams to ensure secure integration of third-party apps and updates.
• Investigate and respond to complex security incidents related to malicious code or unauthorized software behavior.
• Mentor junior analysts and conduct code reviews, threat assessments, and post-analysis documentation.
• Stay updated on threat intelligence, CVEs, malware trends, and vulnerabilities affecting third-party software.
• Assist in compliance efforts and contribute to internal policies and procedures related to software assurance.

Qualifications

• 4-6 years in cybersecurity, with strong expertise in malware analysis, reverse engineering, or secure software validation.
• Experience with sandboxing technologies, debuggers, and disassemblers.
• In-depth understanding of Windows and Linux internals, including process management, memory architecture, file systems, and kernel operations, along with strong expertise in binary analysis and common malware obfuscation techniques.
• Proficient with tools such as IDA Pro, Ghidra, Wireshark, YARA, etc.
• Strong scripting skills (Python, PowerShell, or similar) for automation of analysis workflows.
• Familiarity with digital signature validation, hashing techniques, and secure code practices.
• Experience in MDM, endpoint security, or enterprise security platforms is a plus.