Malware Analyst

Description

The Malware Research & Protection team, part of the Malware & Mail Research and Protection group, is a small and highly collaborative unit of 4 researchers and a team leader. Our mission is to build advanced behavioral and YARA-based protections for Check Point products, scaling our impact through automation and AI-driven detection.

While much of our work focuses on automation and large-scale protection delivery, we also dive deep into reversing and debugging complex malware samples when needed. Our findings can turn into technical blogs and are shared at security conferences.

We combine hands-on malware research with cutting-edge innovation to protect millions of customers worldwide - and we do it as a tight-knit, supportive team where every member contributes to both the technology and the impact.

Major Responsibilities

• Analyze malicious files and develop protections for Check Point products.
• Release daily protections for customers and continuously monitor detection effectiveness.
• Respond to high-profile attacks, investigate them, and create relevant protections.
• Monitor telemetry and sensor data to identify targeted attacks and advanced campaigns.
• Conduct in-depth investigations in Check Point products and drive security enhancements.
• Publish technical and marketing blogs highlighting the team’s research and findings.
• Present research in internal forums, to strategic customers, and at industry conferences.
• Automate processes to increase the team’s efficiency and detection coverage.

Desired Background

• B.Sc. in Computer Science, Computer Engineering, or related field.
• 1-2 years of Hands-on experience in malware analysis (static and dynamic).
• Strong understanding of Windows internals.
• Practical knowledge of writing YARA rules.
• Proficiency in coding and scripting - Python is required.
• Broad knowledge of in-the-wild attacks, malware families, and current security trends.
• Proven experience in analyzing cyberattacks end-to-end.
• Ability to translate findings into actionable detection signatures and protection logic.
• Familiarity with common hacking tools and attacker techniques.
• Knowledge of advanced threat-hunting methodologies.
• Solid understanding of network protocols (TCP/IP, UDP, HTTP(S), DNS, SMB, FTP).
• Experience writing technical blogs, reports, and analysis papers.
• Experience with reverse engineering (static/dynamic malware analysis) - advantage.
• Fluent in English (written and spoken).