Lead Threat Research Developer

OPENTEXT 
OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation.

The Advanced Threat Research Team leverages our people, processes and technology to deliver world class threat identification and protection for our customers’ and their data. Companies are recognizing the need to leverage behavioral threat detection for threats more accurately and help protect against insider threat. With this in mind, we work tirelessly to drive improvements across our security services and accelerate our customers’ digital journey in a safe and trusted environment.

Your Impact:

The Webroot Cybersecurity organization at Open Text is seeking a Lead Threat Research Developer to support our Global Engineering, Threat Research, and Data Science teams.

The role day to day varies between creation and management of Yara rules, collaborating with our global threat research team, reverse engineering, threat and operating system internals research, and efficacy-focused design and development.

The role necessitates a wealth of reverse engineering and threat research experience. The driven candidate should be deeply familiar with both the Windows API and lower level operating systems fundamentals.

What the role offers:

As a Lead Threat Research Developer, you will:

• Utilize proprietary tools and technologies and pattern matching skills to accurately identify emerging malware, identify new malware distribution methods, create Yara rules for that malware
• Analyze information and develop methods of detection and removal of Malware
• Collaborate with multiple internal engineering and cross-functional teams on technical analysis 
• Manage multiple projects simultaneously while quickly learning a breadth of new concepts and technologies
• Serve as the leading point of contact to communicate and educate internal employees in customer support
• Perform testing functions to verify defect fixes and to assist the Quality Assurance team when needed

What you need to Succeed:

• 5+ years of experience in malware reverse engineering or equivalent.
• 10+ years of programming/scripting experience (e.g., C, C++, C#).
• 1+ year of experience developing Yara rules.
• Participation in security-related forums and industry events for malware, security, and digital crimes.
• Strong knowledge of Windows XP/Vista/7/8 32-bit & 64-bit internals, including:
  • Windows Registry, PE Format, Processes/Threads/DLLs, Windows memory and security models, SACL/DACL, Tokens, and Desktops.
  • Virtualization, Hooking/Injection mechanisms, Usermode/Kernel mode structures, and dump analysis using WinDbg.
  • Familiarity with IDA Pro, Ghidra, x86 assembly, and rootkit detection techniques.

• Expertise in diagnosing and remediating malware.
• Excellent communication skills.

Desired Skills and Experience

• Experience developing security software
• Crypto: Encrypt/Decrypt, Hashing, Digital Signature/Verification
• Experience with SQL Server database applications and tools

One last thing:

OpenText is more than just a corporation, it's a global community where trust is foundational, the bar is raised, and outcomes are owned. 

Join us on our mission to drive positive change through privacy, technology, and collaboration. At OpenText, we don't just have a culture; we have character. Choose us because you want to be part of a company that embraces innovation and empowers its employees to make a difference.

OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws.

If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please contact us at hr@opentext.com. Our proactive approach fosters collaboration, innovation, and personal growth, enriching OpenText's vibrant workplace.