Sr. Malware Analysis Automation Engineer

Remote, United States

Full Time Senior-level / Expert

Posted 1 month ago

Our Security team supports the unwritten fourth tenet of Slack’s mission: make people’s working lives more secure. We’re serious about protecting our infrastructure, operations, and most importantly, our customers’ data. We take a systemic approach to security, and strive to ensure we provide low-friction, high-impact security across everything we do.

As a member of the Slack Security Customer Protection team, you are the first line of detection of bad actors using Slack in unwanted and unexpected ways. As Slack’s data, customers, and features grow, protecting customers’ data from unwanted behaviors becomes an ever more important and challenging problem. The Security Customer Protection team develops and uses tooling to tease out high-quality signal from all the noise, to detect unwanted behaviors, such as abuse of users, workspaces, or tokens. Your work directly impacts the way millions of people, teams and businesses get things done.

Slack has a positive, diverse, and supportive culture—we look for people who are curious, inventive, and work to be a little better every single day. In our work together we aim to be smart, humble, hardworking and, above all, collaborative. If this sounds like a good fit for you, why not say hello?

What you will be doing

  • Proactive discovery and prevention of threat actors and unwanted activity in Slack, specifically related to malware and file sharing
  • Analyze malware threats at scale through scripting
  • Create actions to discover and proactively prevent threats in Slack
  • Engineer novel solutions to automate threat analysis challenges
  • Work closely with other engineering teams to design and build long-term solutions for stopping malicious activity
  • Develop new dashboards to visualize and surface data for analysis and reporting
  • Write Yara rules and scripts to discover new cases of abuse
  • Use data and tools to understand and hunt for threats in the environment
  • Understand the underpinnings of how Slack works, and where bad actors could take advantage, to develop improved detective tools
  • Expose measurable data to partners to improve Slack’s ability to detect future threats
  • Participate in CorpSec detection and response activities and rotation up to 25%

What you should have

  • 5-7 years of work experience in threat analysis, focused on malware analysis
  • Malware analysis experience on multiple platforms
  • Proficiency with Python, Yara, Linux, Kibana, Splunk and engineering fundamentals at scale such as AWS, Chef, and Terraform
  • Experience using relational databases such as MySQL or Postgres
  • Proficiency with Malware Analysis Virtual Machines such as REMnux or FlareVM
  • Experience handling and drawing metadata from malicious files, to correlate to malicious campaigns
  • Experience understanding bad actors, threat intelligence, and abuse; involvement remediating abuse or security-related incidents is a plus
  • You have a Bachelor's degree in Computer Science, Engineering or a related field, or equivalent training, fellowship, or work experience

Slack is registered as an employer in many, but not all, states. If you are not located in or able to work from a state where Slack is registered, you will not be eligible for employment. Visa sponsorship may not be available in certain remote locations.

Visa sponsorship is not available for candidates living outside the country of this position.


Job tags: AWS Chef Linux MySQL Postgres Python Terraform
Job region(s): North America Remote/Anywhere