Sr. Malware Analysis Automation Engineer
Our Security team supports the unwritten fourth tenet of Slack’s mission: make people’s working lives more secure. We’re serious about protecting our infrastructure, operations, and most importantly, our customers’ data. We take a systemic approach to security, and strive to ensure we provide low friction high-impact security across everything we do.
As a member of the Slack Security Customer Protection team, you are the first line of detection of bad actors using Slack in unwanted and unexpected ways. As Slack’s data, customers, and features grow, protecting customers’ data from unwanted behaviors becomes an ever more important and challenging problem. The Security Customer Protection team develops and uses tooling to tease out high-quality signal from all the noise, to detect unwanted behaviors, such as abuse of users, workspaces, or tokens. Your work directly impacts the way millions of people, teams and businesses get things done.
Slack has a positive, diverse, and supportive culture—we look for people who are curious, inventive, and work to be a little better every single day. In our work together we aim to be smart, humble, hardworking and, above all, collaborative. If this sounds like a good fit for you, why not say hello?
What you will be doing
- Proactive discovery and prevention of threat actors and unwanted activity in Slack, specifically related to malware and file sharing
- Analyze malware threats at scale through scripting
- Create actions to discover and proactively prevent threats in Slack
- Engineer novel solutions to automate threat analysis challenges
- Work closely with other engineering teams to design and build long-term solutions for stopping malicious activity
- Develop new dashboards to visualize and surface data for analysis and reporting
- Write Yara rules and scripts to discover new cases of abuse
- Use data and tools to understand and hunt for threats in the environment
- Understand the underpinnings of how Slack works, and where bad actors could take advantage, to develop improved detective tools
- Expose measurable data to partners to improve Slack’s ability to detect future threats
- Participate in CorpSec detection and response activities and rotation up to 25%
What you should have
- 5-7 years work experience in threat analysis, focused in malware analysis
- Malware analysis experience on multiple platforms
- Proficiency with Python, Yara, Linux, Kibana, Splunk and engineering fundamentals at scale such as AWS, Chef, and Terraform
- Experience using relational databases such as MySQL or Postgres
- Proficiency with Malware Analysis Virtual Machines such as REMnux or FlareVM
- Experience handling and drawing metadata from malicious files, to correlate to malicious campaigns
- Experience understanding bad actors, threat intelligence, and abuse; involvement remediating abuse or security-related incidents is a plus
- You have a Bachelor's degree in Computer Science, Engineering or a related field, or equivalent training, fellowship, or work experience
Slack is registered as an employer in many, but not all, states. If you are not located in or able to work from a state where Slack is registered, you will not be eligible for employment. Visa sponsorship may not be available in certain remote locations.
Visa sponsorship is not available for candidates living outside the country of this position.
Slack has transformed business communication. It’s the leading channel-based messaging platform, used by millions to align their teams, unify their systems, and drive their businesses forward. Only Slack offers a secure, enterprise-grade environment that can scale with the largest companies in the world. It is a new layer of the business technology stack where people can work together more effectively, connect all their other software tools and services, and find the information they need to do their best work. Slack is where work happens.
Ensuring a diverse and inclusive workplace where we learn from each other is core to Slack’s values. We welcome people of different backgrounds, experiences, abilities and perspectives. We are an equal opportunity employer and a pleasant and supportive place to work.
Come do the best work of your life here at Slack.