Malware Researcher

Israel, Netanya/Tel Aviv · Job Posted March 05, 2026

Job Description

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate. JFrog Security is one of the main pillars of the JFrog offering and long-term strategy. We are pushing the boundaries of security analysis of both binaries and code, shifting left and bringing new and exciting features to both developers and DevOps. We are looking for an experienced malware researcher to join the team. As a Malware Researcher at JFrog, you will perform research on source code, compiled code, and various software supply chain attacks. The position requires proven experience in security nomenclature and an understanding of both high-level and low-level attacks.

Job Responsibility

  • Research malicious code in public repositories from various coding languages and technologies
  • Define and implement ways to automatically detect malicious code in open source software
  • Write technical reports and outward-facing publications regarding all research subjects mentioned above

Requirements

  • 3+ years malware research experience in any of the following languages: Native code (C, C++), .NET (C# etc), Python, Node.JS, Java, Go
  • Experience in writing technical reports
  • Programming experience in Python

Nice to have

  • Binary reverse engineering experience
  • DevOps experience


Similar Jobs for Malware Researcher

8 matching positions

Malware Researcher

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location: Israel, Netanya/Tel Aviv
Salary: Not provided
JFrog
Expiration Date: Until further notice
Requirements
  • 3+ years malware research experience in any of the following languages: Native code (C, C++), .NET (C# etc), Python, Node.JS, Java, Go
  • Experience in writing technical reports
  • Programming experience in Python
  • Advantage – Binary reverse engineering experience
  • Advantage – DevOps experience
Job Responsibility
  • Research malicious code in public repositories from various coding languages and technologies
  • Define and implement ways to automatically detect malicious code in open-source software
  • Write technical reports and outward-facing publications regarding all research subjects mentioned above

Principal Security Researcher (Malware Research - Antivirus Systems)

Your Career: As a Principal Security Researcher (Antivirus Systems), we are look...
Location: United States, Santa Clara
Salary: 162700.00 - 263175.00 USD / Year
Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • BS/MS/PhD in Computer Science or Computer Engineering or equivalent military experience required
  • 6 to 8+ years of relevant experience preferred
  • Experience with Python/Golang programming language
  • Strong core Computer Engineering skills such as databases, operating systems, algorithms
  • Working knowledge and interest in learning common file formats (PE, Office, PDF etc)
  • Experience with malware analysis
  • Understanding of networking and core Internet protocols (TCP/IP, HTTP, FTP, SMTP)
  • Experience with a data pipeline based system with several moving components in a distributed cloud environment
  • Experience with developing in a public cloud environment such as GCP, AWS
  • Troubleshooting and virtualization experience in Linux
Job Responsibility
  • Develop new features for the automated anti-virus signature generation and delivery system
  • Research and implement signature algorithms for new file formats
  • Identify limitations/issues in existing signature algorithms and improve them
  • Research on and publish about innovations & emerging security trends
  • Fulltime

Sr Principal/Principal Windows Malware Security Researcher

We are looking for a Windows Malware Security Researcher for our Tel Aviv R&D ce...
Location: Israel, Tel Aviv
Salary: Not provided
Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • At least 5 years of experience in the cyber security research domain
  • In-depth knowledge of Windows operating system internals (both user-mode and kernel-mode) - at least 3 years of hands-on research experience
  • In-depth knowledge of C/C++, with hands-on development experience using C/C++ (Win32 API) in a Windows environment
  • Experience with anti-RE techniques such as anti-debug, anti-VM, unpacking, etc.
  • Strong knowledge of the cyber threat landscape, including APTs (Advanced Persistent Threats) and modern malware techniques
  • Strong dynamic analysis skills with hands-on experience using debuggers such as WinDbg, x64dbg, OllyDbg, or similar
  • Strong static analysis skills with hands-on experience using disassemblers such as IDA Pro and Ghidra
  • Proficiency in Python
  • Knowledge of networking and internet protocols
  • A major advantage to candidates with at least 2 years of experience in at least one of the following: EDR/XDR products, Windows kernel development, low-level security solution development, Windows exploitation, or vulnerability research
Job Responsibility
  • Playing a pivotal role in shaping the future of our security solutions
  • Enhance the effectiveness of our EDR product by designing cutting-edge protection components and developing sophisticated prevention rules
  • Researching OS internals and how Windows works under the hood - leveraging this knowledge to develop and improve our anti-malware mechanisms and capabilities
  • Research and lead novel protection ideas to production-grade level, serving as the feature subject matter expert
  • Research new malware and APT mitigation techniques and develop corresponding capabilities (POC level), or improve existing mitigation capabilities
  • Respond to malware-based security events at clients' networks
  • Stay up to date with current malware and APT techniques
  • Provide feedback to the product management team on new feature requests and product enhancements from our customer base
  • Find new malware techniques and APT attacks, including analysis of caught-in-the-wild malware
  • Operate independently end-to-end - from initial threat idea, through research and POC, to handing off a production-ready design to core agent engineering with clear specs, test cases, and edge-case analysis
  • Fulltime

Penetration Tester: NATO Secret or UK Security Check

Lead and/or participate in Red Team and Blue Team activities during NATO militar...
Location: Belgium, Braine-l’Alleud
Salary: 600.00 EUR / Day
Global Technology Solutions Ltd.
Expiration Date: Until further notice
Requirements
  • Minimum 3 years hands-on experience in web application penetration testing
  • IT infrastructure penetration testing
  • network security architecture and design
  • identification and assessment of security vulnerabilities across operating systems, software, protocols, and networks
  • research and evaluation of security technologies and products
  • system and network administration of UNIX and Windows environments
  • practical use of penetration testing tools, techniques, and recognized testing methodologies
  • scripting proficiency in at least one of the following languages: Perl, Python, Ruby, or Shell scripting (Bash, KSH, CSH)
  • strong technical expertise in system and network security, authentication mechanisms, security protocols, cryptography, application security, malware infection techniques, and protection technologies
  • ability to assess security risks and develop effective mitigation strategies and remediation plans
Job Responsibility
  • Lead and/or participate in Red Team and Blue Team activities during NATO military exercises
  • conduct web application, infrastructure, and application-level penetration testing
  • perform security design reviews to ensure compliance with NATO policies, directives, and security requirements
  • provide security consultancy and expert guidance to projects, programmes, plans, and other stakeholders
  • establish and maintain effective communication with key stakeholders, including the NCIA Configuration Control Board, Security Accreditation Boards, NATO Security Accreditation Authorities, and NCI Agency organizational units involved in accreditation processes

MDR Analyst, Unit 42

We are seeking a driven problem solver to join our Unit 42 MDR team. Our team is...
Location: Australia, North Sydney
Salary: Not provided
Palo Alto Networks Italia
Expiration Date: Until further notice
Requirements
  • 3+ years of experience in a multi-tiered SOC/IR is a must
  • Experienced with technologies such as EDR, SIEM, SOAR, FW
  • A well-established familiarity with attack trends and vectors
  • Excellent written and oral communication skills in English
  • Some degree of Malware Analysis or equivalent military experience - An advantage
  • CEH / CompTIA CYSA+ certifications - An advantage
  • Hands-on experience with Cortex XSOAR or Cortex XDR - An advantage
Job Responsibility
  • Join a new, emerging team that is going to be part of Palo Alto’s Unit 42, working closely with global customers and providing the best security in the market
  • Own an incident lifecycle from outbreak to full remediation
  • Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire Palo Alto Networks’ customer base
  • Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats
  • This position requires flexibility to work primarily during morning and afternoon hours; however, occasional night shifts may be required depending on business demands

Senior Security Monitoring and Response Analyst

Mastercard powers economies and empowers people in 200+ countries and territorie...
Location: United Kingdom, London
Salary: Not provided
Mastercard
Expiration Date: November 30, 2026
Requirements
  • Direct experience in a Security Operations Center (SOC)
  • Experience working in an incident response or digital forensics role
  • Demonstrated experience with cybersecurity related disciplines, not limited to: e.g. vulnerability research, network traffic analysis, static and dynamic malware analysis, digital forensics, memory analysis, web-security and threat hunting.
Job Responsibility
  • Providing monitoring coverage, triage and investigation of escalated alerts (T3) from various sources
  • Responding to cybersecurity incidents through critical thinking, defining, and applying playbook responses
  • Applying root cause analysis and lessons learned to improve security posture and processes
  • Working closely with security engineering, threat intelligence, insider threat and a managed SOC service, providing critical feedback to improve and automate monitoring and response
  • Strong collaboration with the team to develop knowledge base, playbook and use cases
  • Proactive initiatives and project-related support by providing subject matter expertise
  • Ability to work independently as well as collaborate with different teams to assess impact, mitigate risk, and resolve security incidents.
  • Fulltime

Senior Manager, Cyber Threat Researcher, Cyber Intelligence (Remote Eligible)

The mission of Capital One’s Cyber Intelligence service is to leverage cyber thr...
Location: United States, McLean; Richmond; New York; Plano; Chicago
Salary: 209000.00 - 286200.00 USD / Year
Capital One
Expiration Date: Until further notice
Requirements
  • High School Diploma, GED or equivalent certification
  • At least 6 years of experience working in cybersecurity or information technology
  • At least 6 years of experience working in incident response, threat hunting, threat intelligence, forensics, or offensive security
  • At least 5 years of experience in conducting investigations or research into cyber-enabled fraud, cybercrime, or advanced persistent threats
  • At least 3 years of experience with cyber threat intelligence threat frameworks such as Lockheed Martin Cyber Kill Chain, Diamond Model, MITRE ATT&CK, ATLAS, Defense or Engage
  • At least 3 years of experience in programming or scripting with Python, Perl, PHP, PowerShell or SQL
Job Responsibility
  • Create mechanisms to "connect the dots" between different internal and external data sources in order to combine "signals" in data that automatically highlight cyber threats across advanced enterprise threat activities and fraud activity
  • Maintain industry-wide expertise of the current cyber threat landscape and attack vectors
  • Synthesize disparate sets of data from sources such as malware, cyber attack patterns, closed and open-source intelligence, and tokenized consumer flows to inform instrumentation, detections, and threat narratives such as storyboards
  • Build productive relationships with internal teams to contextualize, influence and inform Capital One's business units on emerging threats
  • Communicate investigative outcomes with technical architecture context and conclusions to a variety of audiences, including company senior leadership and business partners
What we offer
  • Performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • comprehensive, competitive, and inclusive set of health, financial and other benefits
  • Fulltime

Principal Consultant, Red Team

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location: United Arab Emirates, Dubai
Salary: Not provided
Palo Alto Networks
Expiration Date: Until further notice
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies, including AI-enabled ones, to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e., malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, Ruby, Bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF, Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Fulltime