Uncubed
   

Senior Threat Intelligence Researcher

Lookout, Remote, Canada


We are open to candidates across Canada to work remotely.

Lookout is an integrated endpoint-to-cloud cybersecurity company. Our mission is to secure and empower our digital future in a privacy-focused world where mobility and cloud are essential to all we do for work and play. With 100 million mobile sensors fueling a dataset of virtually all the mobile code in the world, the Lookout Security Cloud can identify connections that would otherwise go unseen -- predicting and stopping mobile attacks before they do harm. We enable consumers and employees to protect their data, and to securely stay connected without violating their privacy and trust. Lookout is trusted by millions of consumers, the largest enterprises and government agencies, and partners such as AT&T, Verizon, Vodafone, Microsoft, Google, and Apple. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.

We are looking for a Senior Security Researcher to join our Threat Intelligence team, a group of top-tier security researchers working to identify, investigate, and track targeted attacks on users of mobile devices. As a member of this team, you will use an extensive arsenal of detection tools, including the largest collection of mobile apps (140M+ Android and iOS apps), to find and research mobile malware and hunt down malicious actors, their infrastructure, tooling and techniques.

Responsibilities:

  • Develop strategies to hunt mobile threats targeting enterprises and individuals.
  • Identify and track malicious actors.
  • Develop tools to mine internal and external data sources to identify new campaigns, malware families, and malicious actors.
  • Investigate adversary command-and-control infrastructure.
  • Reverse-engineer and analyze functionality of malicious apps.
  • Report findings to Threat Intelligence customers.

Qualifications & skills:

  • Threat hunting experience with multiple data sets (e.g. PassiveTotal, VirusTotal, etc.).
  • Experience in reverse engineering software (mobile app reversing preferred).
  • Ability to articulate technical findings both in written reports and presentations.
  • Experience using some of the following tools: JEB, IDA Pro, Ghidra, Hopper, gdb, Frida, Wireshark, Burp Suite.
  • Ability to read code in Java and C; ARM assembly, Objective-C and Swift are a bonus.
  • Experience in conducting OSINT investigations across Surface/Deep/Dark Web.
  • Ability to create research tools in Python, Ruby or Java.
  • Experience with threat intelligence file types, tools and terminology such as MITRE ATT&CK, STIX, MISP and the Intelligence Cycle is a bonus.
  • Curiosity and a strong drive to understand how both state and criminal actors operate.

About Lookout

Lookout is a cybersecurity company that makes it possible for individuals and enterprises to be both mobile and secure. With 100 million mobile sensors fueling a dataset of virtually all the mobile code in the world, the Lookout Security Cloud can identify connections that would otherwise go unseen -- predicting and stopping mobile attacks before they do harm. The world’s leading mobile network operators, including AT&T, Deutsche Telekom, EE, KDDI, Orange, Sprint, T-Mobile and Telstra, have selected Lookout as their preferred mobile security solution. Lookout is also partnered with such enterprise leaders as AirWatch, Ingram Micro and MobileIron. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.
