Job description
What we do:
Halcyon is the industry’s first dedicated, adaptive security platform that combines multiple proprietary advanced prevention engines along with AI models focused specifically on stopping ransomware.
Who we are:
Halcyon was formed in 2021 by a team of cyber industry veterans after battling the scourge of ransomware (and advanced threats) for years at some of the largest global security vendors. Comprised of leaders from Cylance (now Blackberry), Accuvant (now Optiv), Fireye and ISS X-Force (now IBM), Halcyon is focused on building products and solutions for mid-market and enterprise customers.
As a remote-native, completely distributed global team, we recognize great talent can exist anywhere. We invite you to apply to a job you’re interested in and we’ll work a plan to meet your needs.
The Role:
Halcyon’s goal is to deliver an anti-ransomware solution that breaks new ground as to what a security product can deliver. Aligned with this goal, Halcyon is searching for a security researcher to contribute to a number of strategic research initiatives to develop Halcyon’s product and services catalogue. Halcyon’s primary focus for this role is to analyze ransomware samples and threat actor tools to gain insights for future product features, threat actor insights, and assist in the validation of our current capabilities. The ideal candidate will be a proficient reverse engineer with experience in analyzing malware, have a strong understanding of cryptography used in ransomware, and the ability to develop tools to augment existing capabilities.
Responsibilities:
Technical:
Reverse engineer malicious or unknown binaries to find insights and intelligence in ransomware samples and threat actor toolkits
Use and develop tools to bypass software protection and binary packing techniques.
Identify & develop proof-of-concept tools leveraging your security research background to help assist and scale threat research related tasks
Partner with applied researchers to enable the development of new Halcyon products and tools
Develop tools for the community, enabling access to our research and best practices, fostering knowledge sharing, and empowering others to conduct their own experiments and learn from our threat research methodology
Collaboration:
Collaborate with partner Research and Data Science teams on projects and to bring new ideas and technology to customers
Cultivate global collaborations with security researchers to exchange knowledge, stay updated on emerging threats, and build partnerships with offensive security researchers to enhance our defensive capabilities and embrace cutting-edge offensive security research.
Share knowledge with the community through engaging presentations, blog posts, papers, and active participation on social media channels, contributing to the broader information security ecosystem.
Communication:
Write high quality technical reports to enable our business to utilize the research effectively across the organization
Articulate technical requirements and details to both highly technical and non-technical audience
Skills and Qualifications:
Strong capabilities in reverse-engineering Windows binaries and applications.
Strong familiarity with Windows development practices, low level operating system concepts, and networking.
Proficiency with development in scripting languages such as Python or Ruby.
Proficiency with development in compiled languages such as C, C++ and/or Rust.
Experience in auditing implementations of cryptographic algorithms to identify security issues
A willingness to lead by example and participate actively in the workload
Excellent English verbal and written communication and presentation skills
Maintains a positive attitude and quickly adapts to change
Passionate about information security
Bonus Skills and Qualifications:
Participation in security-focused communities, open source development, and intel sharing communities is a plus.
Proficiency with development in CUDA
Advanced degree in a technical field (Computer Science, Electrical Engineering, Math, Physics, etc…)
Track record of advancing offensive security research field through vulnerability discoveries, research publications, and/or developing security tools
Benefits:
Halcyon offers the following benefits to eligible employees:
Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.
401k plan with a generous employer contribution.
Short and long-term disability coverage, basic life and AD&D insurance plans.
Medical and dependent care FSA options.
Flexible PTO policy.
Parental leave.
Generous equity offering.
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
Base Salary Range: $200,000 - 250,000
Bonus Target: 10%
In accordance with applicable state and federal laws, the range provided is Halcyon’s reasonable estimate of the base compensation for this role. The actual amount may differ based on non-discriminatory factors such as experience, knowledge, skills, abilities, and location. Base pay is one part of the total package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and equity in the Company.
We understand it takes a diverse team of highly intelligent, passionate, curious, and creative people to develop the exceptional product we are building. Our dynamic team has incredible perspectives to share, just as we know you do, and we take great pride in being an equal opportunity employer.
