Senior Cyber Security Malware Analyst

Job Description

Auto req ID: 187475BR

Job Description

Imagine when YOUR “Creative Solutions” MEETS OUR Thirst for Innovation

At PepsiCo it takes a global team to solve some of the most complex problems. And our InfoSec group is no exception! From Plano to Poland - we have a collaborative team comprised of two structures, a Center of Excellence, and a Consultancy, that are consistently innovating and supporting one another across borders. Influencing and driving our security agenda is no small task, and recognize the everyday contributions our talented security professionals make.

The Senior Cyber Security Malware Analyst will be a key member of the PepsiCo Global Cyber Fusion Center (CFC) responsible for malware analysis, reverse engineering of malware and digital forensics. The Senior Cyber Security Malware Analyst will lead efforts to develop and extract IOCs from malicious binaries and use the resulting data to inform Threat Detection Team efforts to create detection logic. The Senior Cyber Security Malware Analyst will also work closely with Incident Response and Threat Intelligence Teams to coordinate and integrate intelligence into operational processes and work as a part of a highly diverse Cyber Fusion Team to support hunting, Incident Response, Threat Detection and Malware/Digital Forensics capabilities.

In Sr. Malware Analyst Role:

  • You will lead efforts to analyze executables and malicious files
  • Investigate computer systems to identify malware infections or evidence of malware related activity
  • Preform ad hoc memory and disk forensics
  • Produce detailed technical reports and presentations in support of malware investigations
  • Maintain proper evidence custody and control procedures, documents procedures and findings
  • Perform malware and intrusion analysis, host-based forensics and threat intelligence collection
  • Manage Malware Analysis Lab and continue to develop customized technical solution sets to monitor and analyze malware
  • Perform incident response duties, including log and data collection and preservation and host and network forensics and provide collaboration and tactical communications, including situation reports for management, administrators, and end-users
  • Act as a subject matter expert for inquiries by internal IT engineering teams
  • A passion for research, and uncovering the unknown about internet threats and threat actors

Qualifications/Requirements

Education:

  • Bachelor’s degree in Information Technology, related discipline or relevant work experience
  • Relevant Technical Security Certifications (GIAC, EC-Council, Offensive Security, etc)

Experience:
  • 7+ years overall IT experience
  • 4+ years of recent operational security experience (SOC, Incident Response, Malware Analysis, IDS/IPS Analysis, etc)
  • Experience performing the role of a technical lead in complex global security projects
  • Experience in identifying and defeating malware defense mechanism such as anti-reverse, anti-debug, and anti-virtual machine
  • Experience and knowledgeable of:
- Encase
- IDA Pro disassembler, Ollydbg & Hex-Rays Decompiler
- User and kernel mode debuggers
- Common binary file formats
- Dynamic analysis tools
- Network analysis tools

Skills:
  • Knowledge of Windows, Mac and Linux operating system internals
  • Detailed understanding of the TCP/IP networking stack & network technologies
  • Working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.)
  • Proficient in programming (.NET, C/C++), scripting languages (e.g. Perl, Java, or Python), and regex
  • x86 assembly experience required
  • Expert knowledge of memory forensics to identify and understand memory resident malware
  • Strong organizational skills and mentoring
  • Strong verbal and written skills
  • Excellent interpersonal skills
  • Ability to distill highly technical subject matter to broader non-technical audiences

Relocation Eligible: Not Eligible for Relocation
Job Type: Regular


All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity

Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance.

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy

Please view our Pay Transparency Statement