
Malware Researcher

Israel, Netanya/Tel Aviv · Job Posted June 15, 2026

Job Description

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate – and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit and just all-around great people. Here, if you’re willing to do more, your career can take off. And since software plays a central role in everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production – a concept we call “liquid software.” Wouldn't it be amazing if you could join us on our journey?

JFrog Security is one of the main pillars of the JFrog offering and long-term strategy. We are pushing the boundaries of security analysis of both binaries and code, shifting left and bringing new and exciting features to both developers and DevOps.

We are looking for an experienced malware researcher to join the team. As a Malware Researcher at JFrog, you will perform research on source code, compiled code, and various software supply chain attacks. The position requires proven experience in security nomenclature and an understanding of both high-level and low-level attacks.

Job Responsibility

  • Research malicious code in public repositories from various coding languages and technologies
  • Define and implement ways to automatically detect malicious code in open-source software
  • Write technical reports and outward-facing publications regarding all research subjects mentioned above

Requirements

  • 3+ years malware research experience in any of the following languages: Native code (C, C++), .NET (C# etc), Python, Node.JS, Java, Go
  • Experience in writing technical reports
  • Programming experience in Python
  • Advantage – Binary reverse engineering experience
  • Advantage – DevOps experience

Similar Jobs for Malware Researcher

8 matching positions

Malware Researcher

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location: Israel, Netanya/Tel Aviv
Salary: Not provided
Company: JFrog
Expiration Date: Until further notice
Requirements
  • 3+ years malware research experience in any of the following languages: Native code (C, C++), .NET (C# etc), Python, Node.JS, Java, Go
  • Experience in writing technical reports
  • Programming experience in Python
Job Responsibility
  • Research malicious code in public repositories from various coding languages and technologies
  • Define and implement ways to automatically detect malicious code in open source software
  • Write technical reports and outward-facing publications regarding all research subjects mentioned above

Principal Security Researcher (Malware Research - Antivirus Systems)

Your Career: As a Principal Security Researcher (Antivirus Systems), we are look...
Location: United States, Santa Clara
Salary: 162700.00 - 263175.00 USD / Year
Company: Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • BS/MS/PhD in Computer Science or Computer Engineering or equivalent military experience required
  • 6 to 8+ years of relevant experience preferred
  • Experience with Python/Golang programming language
  • Strong core Computer Engineering skills such as databases, operating systems, algorithms
  • Working knowledge and interest in learning common file formats (PE, Office, PDF etc)
  • Experience with malware analysis
  • Understanding of networking and core Internet protocols (TCP/IP, HTTP, FTP, SMTP)
  • Experience with a data pipeline based system with several moving components in a distributed cloud environment
  • Experience with developing in a public cloud environment such as GCP, AWS
  • Troubleshooting and virtualization experience in Linux
Job Responsibility
  • Develop new features for the automated anti-virus signature generation and delivery system
  • Research and implement signature algorithms for new file formats
  • Identify limitations/issues in existing signature algorithms and improve them
  • Research on and publish about innovations & emerging security trends
  • Fulltime

Sr Principal/Principal Windows Malware Security Researcher

We are looking for a Windows Malware Security Researcher for our Tel Aviv R&D ce...
Location: Israel, Tel Aviv
Salary: Not provided
Company: Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • At least 5 years of experience in the cyber security research domain
  • In-depth knowledge of Windows operating system internals (both user-mode and kernel-mode) - at least 3 years of hands-on research experience
  • In-depth knowledge of C/C++, with hands-on development experience using C/C++ (Win32 API) in a Windows environment
  • Experience with anti-RE techniques such as anti-debug, anti-VM, unpacking, etc.
  • Strong knowledge of the cyber threat landscape, including APTs (Advanced Persistent Threats) and modern malware techniques
  • Strong dynamic analysis skills with hands-on experience using debuggers such as WinDbg, x64dbg, OllyDbg, or similar
  • Strong static analysis skills with hands-on experience using disassemblers such as IDA Pro and Ghidra
  • Proficiency in Python
  • Knowledge of networking and internet protocols
  • A major advantage to candidates with at least 2 years of experience in at least one of the following: EDR/XDR products, Windows kernel development, low-level security solution development, Windows exploitation, or vulnerability research
Job Responsibility
  • Playing a pivotal role in shaping the future of our security solutions
  • Enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules
  • Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities
  • Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert
  • Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level), or improve existing mitigation capabilities
  • Respond to malware-based security events at clients' networks
  • Stay up to date with current malware and APT techniques
  • Provide feedback to the product management team on new feature requests and product enhancements from our customer base
  • Find new malware techniques and APT attacks, including analysis of caught-in-the-wild malware
  • Operate independently end-to-end - from initial threat idea, through research and POC, to handing off a production-ready design to core agent engineering with clear specs, test cases, and edge-case analysis
  • Fulltime

Senior Security Monitoring and Response Analyst

Mastercard powers economies and empowers people in 200+ countries and territorie...
Location: United Kingdom, London
Salary: Not provided
Company: Mastercard
Expiration Date: November 30, 2026
Requirements
  • Direct experience in a Security Operations Center (SOC)
  • Experience working in an incident response or digital forensics role
  • Demonstrated experience with cybersecurity related disciplines, not limited to: e.g. vulnerability research, network traffic analysis, static and dynamic malware analysis, digital forensics, memory analysis, web-security and threat hunting.
Job Responsibility
  • Providing monitoring coverage, triage and investigation of escalated alerts (T3) from various sources
  • Responding to cybersecurity incidents through critical thinking, defining, and applying playbook responses
  • Applying root cause analysis and lessons learned to improve security posture and processes
  • Working closely with security engineering, threat intelligence, insider threat and a managed SOC service, providing critical feedback to improve and automate monitoring and response
  • Strong collaboration with the team to develop knowledge base, playbook and use cases
  • Proactive initiatives and project-related support by providing subject matter expertise
  • Ability to work independently as well as collaborate with different teams to assess impact, mitigate risk, and resolve security incidents.
  • Fulltime

Senior Manager, Cyber Threat Researcher, Cyber Intelligence (Remote Eligible)

The mission of Capital One’s Cyber Intelligence service is to leverage cyber thr...
Location: United States, McLean; Richmond; New York; Plano; Chicago
Salary: 209000.00 - 286200.00 USD / Year
Company: Capital One
Expiration Date: Until further notice
Requirements
  • High School Diploma, GED or equivalent certification
  • At least 6 years of experience working in cybersecurity or information technology
  • At least 6 years of experience working in incident response, threat hunting, threat intelligence, forensics, or offensive security
  • At least 5 years of experience in conducting investigations or research into cyber-enabled fraud, cybercrime, or advanced persistent threats
  • At least 3 years of experience with cyber threat intelligence threat frameworks such as Lockheed Martin Cyber Kill Chain, Diamond Model, MITRE ATT&CK, ATLAS, Defense or Engage
  • At least 3 years of experience in programming or scripting with Python, Perl, PHP, PowerShell or SQL
Job Responsibility
  • Create mechanisms to "connect the dots" between different internal and external data sources in order to combine "signals" in data that automatically highlight cyber threats across advanced enterprise threat activities and fraud activity
  • Maintain industry-wide expertise of the current cyber threat landscape and attack vectors
  • Synthesize disparate sets of data from sources such as malware, cyber attack patterns, closed and open-source intelligence, and tokenized consumer flows to inform instrumentation, detections, and threat narratives such as storyboards
  • Build productive relationships with internal teams to contextualize, influence and inform Capital One's business units on emerging threats
  • Communicate investigative outcomes with technical architecture context and conclusions to a variety of audiences, including company senior leadership and business partners
What we offer
  • Performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • comprehensive, competitive, and inclusive set of health, financial and other benefits
  • Fulltime

Principal Consultant, Red Team

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location: United Arab Emirates, Dubai
Salary: Not provided
Company: Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e., malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF, Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Fulltime

Is Security Engineer

At Amgen, if you feel like you’re part of something bigger, it’s because you are...
Location: United States, Thousand Oaks
Salary: 123219.00 USD / Year
Company: Amgen
Expiration Date: Until further notice
Requirements
  • Master's degree (or foreign equivalent) in Cybersecurity, Computer Engineering, Computer Science, Information Technology or related field & completion of a university-level course, research project, internship, thesis, or one year of experience in:
      1. Implement the basic security principles and concepts related to information systems
      2. Conduct risk assessments and create related security plans
      3. Security risk Management Methodologies to create policies and procedures to manage security risks
      4. Windows Security, Reverse engineering and binary analysis
      5. Viruses, worms, malware and malicious code
      6. Botnets and Language security
      7. Articulate components of Critical Infrastructure and Key Resources that require protection
      8. Analyze and evaluate proposed and existing information security policies, practices and procedures in order to assess potential liabilities.
Job Responsibility
  • Support Incident Response (IR) Operations and to ensure continuity of 24/7 security services
  • Execute the Global Incident Management Program in accordance with industry frameworks (e.g., SANS PICERL)
  • Support Incident Response Commander and is directly responsible for IR activities
  • Revise and develop processes to strengthen Security Operations and Incident Response
  • Lead coordination efforts with necessary partners to better understand activity or actions and their impact to Amgen's environment
  • Translate complex technical incidents into business language and be able to present the same to different audiences
  • Demonstrate, integrate, and collaborate on enhancing existing information security solutions and services to address any gaps or deficiencies in the Cybersecurity Operations Center (CSOC) to address security risks
  • Collaborate with other Information Security teams and provide CSOC insight to where limited information security controls or solutions are present
What we offer
  • stock
  • retirement
  • medical
  • life and disability insurance
  • eligibility for an annual bonus
  • Retirement and Savings Plan with generous company contributions
  • group medical, dental and vision coverage
  • flexible spending accounts
  • discretionary annual bonus program
  • stock-based long-term incentives
  • Fulltime

Principal Security Researcher (DNS Security)

The DNS Security Research team delivers high-quality content to our products to ...
Location: United States, Santa Clara
Salary: 162700.00 - 263175.00 USD / Year
Company: Palo Alto Networks Italia
Expiration Date: Until further notice
Requirements
  • PhD in Computer Science, Cyber Security or Machine Learning or equivalent experience
  • 2+ years of Security research experience
  • Creative thinker and team player. Have great passion and be highly self-motivated in data-driven security research
  • Expertise in DNS and IPv4/IPv6
  • Good knowledge of machine learning techniques and algorithms, such as k-NN, Naive Bayes, SVM, Decision Trees, Logistic Regression, Deep Learning, and Boosting
  • Familiar with large-language models (LLMs) and experience to leverage them to address cybersecurity threats
  • Excellent programming skills in Python, Shell script, Go, or SQL
  • Understanding of core network protocols (TCP/IP, HTTP/HTTPS, etc.)
  • Knowledge and experience with modern databases and big data tools, such as MySQL, MongoDB, Elasticsearch, Redis, BigQuery
  • Be comfortable working independently, efficiently
Job Responsibility
  • Track and research emerging threats and innovate new ways to identify malicious indicators used by malware and attacks, including domains, URLs, IP addresses, sha256, email addresses, etc.
  • Design and build scalable and extensible prevention/detection systems
  • Leverage data-driven approaches, such as statistical analysis, machine learning, and other advanced techniques
  • Convert research results and discoveries into products, research papers, etc.
What we offer
  • restricted stock units
  • bonus
  • employee benefits
  • Fulltime