Malware Researcher

JFrog

Location:
Israel, Netanya/Tel Aviv

Contract Type:
Not provided

Salary:
Not provided

Job Description:

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate. JFrog Security is one of the main pillars of the JFrog offering and long term strategy. We are pushing the boundaries of security analysis of both binaries and code, shifting left and bringing new and exciting features to both developers and DevOps. We are looking for an experienced malware researcher to join the team. As a Malware Researcher at JFrog, you will perform research on source code, compiled code, and various software supply chain attacks. The position requires proven experience in security nomenclature and an understanding of both high-level and low-level attacks.

Job Responsibility:

  • Research malicious code in public repositories from various coding languages and technologies
  • Define and implement ways to automatically detect malicious code in open source software
  • Write technical reports and outward-facing publications regarding all research subjects mentioned above

Requirements:

  • 3+ years malware research experience in any of the following languages: Native code (C, C++), .NET (C# etc), Python, Node.JS, Java, Go
  • Experience in writing technical reports
  • Programming experience in Python

Nice to have:

  • Binary reverse engineering experience
  • DevOps experience

Additional Information:

Job Posted:
March 05, 2026

Similar Jobs for Malware Researcher

Senior Security Researcher

We are looking for a Security Researcher who thrives on both sides of the fence....
Location:
Israel, Tel Aviv
Salary:
Not provided
Island
Expiration Date:
Until further notice
Requirements:
  • 5+ years of experience in at least one of the following: security research, vulnerability research, malware analysis, threat intelligence, or detection engineering
  • Offensive security mindset with the ability to flip to the defensive side — finding attacks and building mitigations
  • Strong analytical skills — comfortable digging into unfamiliar code, protocols, or systems and figuring out how they break
  • Familiarity with operating system internals (Windows and/or macOS)
  • Hands-on experience with reverse engineering or dynamic/static analysis tools
  • Ability to write code for automation, tooling, and proof-of-concepts
  • Strong written and verbal communication — ability to write compelling research and present at conferences
Job Responsibility:
  • Offensive Research: Discover new attack vectors, abuse patterns, and security gaps in browsers, web applications, OS internals, and enterprise workflows
  • Defensive Engineering: Design and implement detections, mitigations, and security policies informed by your offensive findings; close the loop from attack to protection
  • Vulnerability & Malware Analysis: Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments
  • Web & Browser Security: Research techniques ranging from classic vulnerabilities (XSS, SSRF) to browser-specific primitives (extension abuse, DOM manipulation, same-origin bypasses)
  • Supply-Chain Security: Investigate threats in software supply chains, including browser extension marketplaces and package registries
  • Threat Intelligence: Correlate signals across multiple sources to identify malicious infrastructure and adversary TTPs
  • Public Impact: Write technical blog posts, publish research, and represent Island at major security conferences (Black Hat, DEF CON, etc.)

Principal Security Researcher (Malware Research - Antivirus Systems)

Your Career: As a Principal Security Researcher (Antivirus Systems), we are look...
Location:
United States, Santa Clara
Salary:
162700.00 - 263175.00 USD / Year
Palo Alto Networks
Expiration Date:
Until further notice
Requirements:
  • BS/MS/PhD in Computer Science or Computer Engineering or equivalent military experience required
  • 6 to 8+ years of relevant experience preferred
  • Experience with Python/Golang programming language
  • Strong core Computer Engineering skills such as databases, operating systems, algorithms
  • Working knowledge and interest in learning common file formats (PE, Office, PDF etc)
  • Experience with malware analysis
  • Understanding of networking and core Internet protocols (TCP/IP, HTTP, FTP, SMTP)
  • Experience with a data pipeline based system with several moving components in a distributed cloud environment
  • Experience with developing in a public cloud environment such as GCP, AWS
  • Troubleshooting and virtualization experience in Linux
Job Responsibility:
  • Develop new features for the automated anti-virus signature generation and delivery system
  • Research and implement signature algorithms for new file formats
  • Identify limitations/issues in existing signature algorithms and improve them
  • Research on and publish about innovations & emerging security trends
  • Fulltime

Principal/Senior Security Researcher - Windows EDR (Cortex - XDR)

We are looking for a Security Researcher to join our Windows EDR behavioral dete...
Location:
Israel, Tel Aviv
Salary:
Not provided
Palo Alto Networks
Expiration Date:
Until further notice
Requirements:
  • In-depth knowledge of the inner-workings of operating systems (Especially Windows)
  • Intimate knowledge and understanding of attack methods and techniques over endpoints and enterprise networks
  • Vast experience and interest in malware research or development
  • Python software development experience
  • Comfortable conducting research and gathering insights by querying large databases
  • Ability to drive and own projects
  • Independent and team player, critical thinker
Job Responsibility:
  • Research new methods to detect various attack techniques by utilizing enormous amounts and varied types of data
  • Use and develop statistical algorithms and techniques to create and improve our analytics detection capabilities
  • Take an active role in our collection modules by improving existing ones and investigating new ones to improve detection quality
  • Simulate attacks in the lab and conduct a deep analysis of the behavior
  • Be part of a diverse research group, improving our research processes to create a better product
  • Stay up to date with APTs, attacker methodologies, and TTPs
  • Fulltime

Threat Intelligence Research Engineer

We’re looking for a Threat Intelligence Research Engineer who can bridge two wor...
Location:
United States, Orlando
Salary:
Not provided
ThreatLocker
Expiration Date:
Until further notice
Requirements:
  • 5+ years in cybersecurity research, threat intelligence, security engineering, SOC analysis, or malware analysis
  • Strong knowledge of attacker TTPs, MITRE ATT&CK, malware behavior, incident response, and threat hunting workflows
  • Hands-on familiarity with tools such as SIEMs, sandboxes, EDR platforms, packet analyzers, and OSINT frameworks
  • Ability to read logs, investigate incidents, and interpret technical artifacts
  • Proven experience writing technical reports, threat advisories, security research, or cybersecurity analysis
  • Ability to translate complex material into clear, concise content without losing technical accuracy
  • Strong editorial judgment and an understanding of narrative clarity and structure
  • Deep curiosity and a research-driven mindset
  • Commitment to accuracy, integrity, and evidence-backed analysis
  • Ability to juggle multiple research topics while meeting publishing deadlines
Job Responsibility:
  • Monitor, analyze, and report on emerging threats, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and global threat trends
  • Investigate vulnerabilities, misconfigurations, malware behavior, ransomware campaigns, and exploit chains
  • Conduct independent research on threat actors, intrusion patterns, and security gaps relevant to our customer base
  • Collaborate with internal engineering, SOC, and threat teams to access proprietary intelligence and validate findings
  • Produce clear, defensible, and high-accuracy analysis based on data and technical evidence
  • Transform threat research into high-quality reports, whitepapers, blogs, briefs, advisories, and thought-leadership content
  • Write in a way that resonates with cybersecurity professionals, executives, and IT leaders
  • Contribute to articles under the names of internal subject matter experts (SMEs) to elevate their voices and strengthen company authority
  • Develop clear visuals, diagrams, and technical explanations to support complex research
  • Ensure all content is technically rigorous, original, and aligned with our Zero Trust security philosophy

Principal Malware Reverse Engineer

As a member of the Malware and Countermeasures Unit (MCU), you will be working c...
Location:
United States, Santa Clara
Salary:
162700.00 - 263175.00 USD / Year
Palo Alto Networks
Expiration Date:
Until further notice
Requirements:
  • BS/MS/PhD in Computer Science or Computer Engineering with 2+ years of experience
  • Proficiency in Python
  • Experience with malware analysis
  • Experience with disassemblers such as IDA Pro, Ghidra, or Binary Ninja
  • Experience with debuggers such as windbg, gdb, ollydbg, or x64dbg
Job Responsibility:
  • Reverse engineer malware via static and dynamic methods
  • Collaboration with our Threat Intelligence team to analyze and develop detection coverage for the latest threats
  • Implement automated malware analysis tools
  • Research and prototype novel automated malware detection techniques
  • Communicate with product engineering teams to improve detection efficacy in our ecosystem of products
What we offer:
  • restricted stock units
  • bonus
  • Fulltime

Malware Reverse Engineer, Senior

Do you enjoy the thrill of the hunt? Are you motivated by the head-to-head chall...
Location:
United States, Fort Meade
Salary:
86900.00 - 198000.00 USD / Year
Booz Allen Hamilton
Expiration Date:
Until further notice
Requirements:
  • Experience with using industry standard static and dynamic analysis tools, including disassemblers, debuggers, virtual machines, and hex editors
  • Experience in a scripting language such as Python or JavaScript
  • Experience with development or reverse engineering of Windows API targets
  • Experience with the identification and classification of malware families based on standard taxonomy and typical malware attack methodologies for both Windows and Linux
  • Knowledge of operating systems, including Windows, Linux, and Mac, application behaviors, and network traffic analysis to identify malware exploits
  • Experience with vulnerability research and exploitation methodologies such as fuzzing, shellcode, and leveraging memory corruption vulnerabilities
  • Ability to analyze shellcode, packed or obfuscated code, and the associated algorithms, and capture and interpret traces using Wireshark
  • Ability to read C/C++, C#, Go, Java, JavaScript, Python, or Rust
  • TS/SCI clearance with a polygraph
  • Bachelor's degree and 5+ years of experience in malware reverse engineering, or Master's degree and 3+ years of experience in malware reverse engineering
Job Responsibility:
  • Apply vulnerability analysis, network mapping, exploitation, defensive, and IT logging process experience to execute offensive cyber operations
  • Develop offensive cyber operations that are essential to providing national security
What we offer:
  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program

Principal Software Engineer (Malware Detection)

As a member of the Wildfire team, you will be responsible for prototyping, and r...
Location:
United States, Santa Clara
Salary:
162700.00 - 263175.00 USD / Year
Palo Alto Networks
Expiration Date:
Until further notice
Requirements:
  • Proficient in C++, Python and Linux development environment
  • 6+ years experience as a Security Researcher or Software Engineer
  • Experience working on sandbox technology and malware analysis
  • Experience with large scale File/Data Parsing development is preferred
  • Understanding of cloud service and Kubernetes are preferred
  • Ability to work with small teams to solve complex problems
  • Can-do attitude on problem-solving, quality and ability to execute
  • BS/MS/PhD in computer science/engineering, or equivalent experience
Job Responsibility:
  • Work on designing and renovating the Wildfire analyzer to advance into a new generation of multi platforms cloud service platform, for both static and dynamic analysis
  • Work with threat researchers to analyze malware and security threats to determine and close the gaps in coverage with new or improved static and dynamic analysis
  • Architect and design with the team and document complex systems
  • Write scalable and testable software using modern cloud architectures
  • Collaborate within the team and across organizations to influence and achieve the end goal
  • Expand cloud offering to improve detection against new malware threats
What we offer:
  • restricted stock units
  • bonus
  • Fulltime

Senior Security Researcher

Join a team that’s pushing the frontier of modern security research by combining...
Location:
India, Bangalore
Salary:
Not provided
Microsoft Corporation
Expiration Date:
Until further notice
Requirements:
  • 7+ years of hands‑on experience in security research, threat analysis, malware analysis, or detection engineering, with demonstrated depth in endpoint security
  • Strong understanding of attacker tradecraft, including persistence, privilege escalation, lateral movement, and defense evasion techniques
  • Proven experience conducting research on Linux and/or macOS internals, endpoint telemetry, or OS‑level attack surfaces
  • Proficiency in at least one scripting or systems language (e.g., Python, C/C++, Go, Rust) used for analysis, tooling, or prototyping
  • Demonstrated ability to independently drive ambiguous, open‑ended investigations from hypothesis to actionable outcome
  • Strong analytical skills for correlating noisy telemetry into attacker‑relevant signals
  • Experience translating deep technical findings into clear, decision‑ready insights for engineering and leadership audiences
  • Proven ability to collaborate effectively across research, engineering, and product teams
  • Experience mentoring or technically leading other researchers without formal people management responsibilities
  • High bar for research quality, operational security, and responsible handling of sensitive techniques and data
Job Responsibility:
  • Lead in‑depth investigations of real‑world attacker campaigns, malware, and post‑exploitation techniques across endpoint environments, with emphasis on Linux and macOS platforms
  • Decompose attack chains, map techniques to MITRE ATT&CK, and maintain high‑fidelity adversary and TTP dossiers that inform protection strategy
  • Identify emerging attack classes, tradecraft shifts, and detection gaps before they are widely exploited
  • Design and prototype behavior‑based detections, heuristics, and research‑grade signals that can be operationalized into production protections
  • Partner with engineering and applied ML teams to translate research findings into scalable, reliable detections with clear acceptance criteria and performance trade‑offs
  • Evaluate detection efficacy using offline and online telemetry and continuously refine based on real‑world attacker behavior
  • Contribute to the design of AI‑assisted and agentic investigation pipelines that automate repetitive analysis steps and amplify researcher productivity
  • Shape how attacker techniques, evidence, and hypotheses are represented in systems that enable campaign discovery and proactive hunting at scale
  • Ensure research outputs are structured, explainable, and safe for use in automated or semi‑automated workflows
  • Act as a senior escalation point for complex security incidents, providing expert guidance on attacker behavior, containment strategies, and long‑term mitigation
  • Fulltime