Job Title:
Allow List Researcher
Role Overview:
We are seeking an enthusiastic Allow List Researcher to join our growing organization. Our global ARC Threat Research organization works in the areas of malware research, response, threat intelligence, and system engineering and development.
As part of this role you will be expected to learn the ins and outs of our clean file categorisation procedures, source clean files, develop automation for classification, resolve false detections, and ensure minimal false detection rates for ENS and other products. Additionally, you will help to develop automation and author content which will help “fight the bad guys.”
Key Responsibilities:
Perform Researcher level analysis and categorisation of non-malicious files
Perform Researcher level analysis and categorisation of Potentially Unwanted Programs (“PUPs”)
Improve our sources of clean files
Resolve false positive detections on non-malicious files
Resolve false positive detections and categorize files submitted by the Trellix GetClean application
Analyse digital certificates and classify accordingly
Develop and improve automation for processing bulk samples
Resolve 3rd party vendor escalations
Resolve Gateway Anti-Malware false positive detections
Develop customer clean file submission programs
Proactively classify files to prevent detection
Write crawler scripts
Automate daily operational tasks
Take responsibility for updating skills and technical growth
Interact effectively with other team members, actively support both team and company direction
Able to effectively multi-task, accepting changing direction in a fast-moving threat landscape
Required Experience / Skills & Education:
Degree Level Computing Qualification or equivalent with 2+ years demonstrated experience.
Ideally you will have previous experience in a Security Research / Content Categorisation related role
You should have experience in Python, C/C++, or other similar programming languages.
You should have experience of various malware analysis tools, and be able to determine if a file is clean, malicious or a “Potentially Unwanted Program”
You should have knowledge of Windows OS internals – memory, threads, processes, API, etc.
You should have knowledge of networking protocols and experience with network traffic analysis tools (Wireshark, Fiddler).
You understand Linux and macOS malware and its threat landscape.
You should have excellent problem-solving skills, be a fast learner, and be self-motivated to take initiative, with a focus on achieving results in a timely manner.
Ability to adapt positively to change and to multitask in a fast-moving industry
Willingness to work flexible hours when required
Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
Pension and Retirement Plans
Medical, Dental and Vision Coverage
Paid Time Off
Paid Parental Leave
Support for Community Involvement
We’re serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix’s security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to empower over 40,000 business and government customers. More at https://trellix.com.