Job Posting Title:

----

Hiring Department:

----

Position Open To:

----

Weekly Scheduled Hours:

----

FLSA Status:

----

Earliest Start Date:

----

Position Duration:

----

Location:

----

Job Details:

Remote work allowed. Remote work for individuals who reside outside Texas but within the United States and its territories will be considered and requires Central Office approval.
So.. Do you like doing long handstands throughout the day to get those creative juices flowing? Do you keep a statistics book handy just in case? Do you think one day you might retire and become a professional poker player? Do you find this joke funny: A squirrel walks up to a tree and says "I forgot to store nuts for the winter and now I am dead"? Do you sometimes lie awake at night wondering how to make the flux capacitor work for reals? Me neither, but if you are still reading, you might be a good fit for our team.In this role, you will help the Threat Detection and Response (TDR) team, within the UT Information Security Office, to analyze threats and associated data and malware to improve related defenses and automated responses to help the University of Texas at Austin manage risks, defend against attacks, and deploy services to assist and secure entities all over the planet (e.g., across the wider University of Texas System and other education institutions across the planet).

You will also have fun and you might even be warmed by your impact and ability to help others unless you are a cyborg, in which case your AI should have directed you to our other posting.

The threat landscape we operate in requires a team to respond appropriately; therefore, please apply even if you are unsure if your experience is relevant. The most important ingredients for success on this team are a strong ability to think creatively about problems, very strong communication skills, and a passion to learn and share knowledge.

You will get to work on large services and will have a chance to directly see the positive impact they have across the state, the country and even across the planet. You will get an opportunity to contribute to product development and roadmap with your unique perspective and ideas.
You will get to work with a very intelligent and dedicated team to address enterprise cybersecurity challenges through novel approaches in an office that highly values work-life balance, the freedom to explore out of the box ideas, and serving others.

Most importantly, you will help take our tools and ideas to the next level. What starts here changes the world!

This position works with Threat Detection and Response (TDR) team, within the UT Information Security Office, to analyze threats and associated data and malware to improve related defenses and automated responses to help the University of Texas at Austin manage risks, defend against attacks, and deploy services to assist and secure our customer entities across the state and beyond.

• Conduct in-depth malware reverse engineering, including the analysis of malware samples, understanding their functionality, and identifying their purpose
• Utilize various tools and techniques, such as static and dynamic analysis, debugging, and disassembly, to analyze and dissect complex malware samples
• Develop custom scripts and tools to automate and streamline the reverse engineering process
• Identify and understand the techniques used by advanced threat actors, including zero-day vulnerabilities, exploit development, and advanced persistent threats.
• Collaborate with the TDR team to develop and implement countermeasures, such as intrusion detection system (IDS) rules, Zeek scripts, Yara rules, and mitigation strategies
• Maintain up-to-date knowledge of the latest malware threats, vulnerabilities, and industry trends, sharing relevant information with the TDR team
• Better yourself and look for opportunities around the office to improve operations through collaboration and knowledge sharing.
• Other related functions as assigned.

• U.S. Citizen, resident, or officially recognized asylee - Applicant selected will be subject to government security investigation and must meet eligibility requirements for access to classified information at the level appropriate to the project requirements of the position.
• Minimum of 5 years of experience in malware reverse engineering, with a strong focus on advanced threats, sophisticated malware, and post exploitation tools
• Strong analytical skills involving Zeek, Snort, Suricata, Wireshark and tcpdump
• Strong familiarity with reverse engineering tools and techniques, including IDA Pro, Ghidra, OllyDbg, and x64dbg
• Strong familiarity with writing Zeek, Snort, Suricata rules or scripts
• Strong synchronous and asynchronous communication skills.
• Strong proficiency in programming languages such as C, C , Python, and Assembly
• Strong understanding of operating systems, networking protocols, and software exploitation techniques
• Self-motivated to learn and share knowledge.

Relevant education and experience may be substituted as appropriate.

• Experience with relational / non-relational datastores.
• Experience with Splunk
• Experience successfully working in a remote and/or hybrid work environments.

$130,000 depending on qualifications

• May work around standard office conditions
• Repetitive use of a keyboard at a workstation
• This position provides life/work balance with typically a 40-hour work week. Flexible work arrangements are available for this position.

• Resume/CV
• 3 work references with their contact information; at least one reference should be from a supervisor
• Letter of interest

Importantfor applicants who are NOT current university employees or contingent workers:You will be prompted to submit your resume the first time you apply, then you will be provided an option to upload a new Resume for subsequent applications. Any additional Required Materials (letter of interest, references, etc.) will be uploaded in the Application Questions section; you will be able to multi-select additional files. Before submitting your online job application, ensure thatALLRequired Materials have been uploaded. Once your job application has been submitted, you cannot make changes.

Important for Current university employees and contingent workers:As a current university employee or contingent worker, you MUST apply within Workday by searching for Find UT Jobs. If you are a current University employee, log-in to Workday, navigate to your Worker Profile, click the Career link in the left hand navigation menu and then update the sections in your Professional Profile before you apply. This information will be pulled in to your application. The application is one page and you will be prompted to upload your resume. In addition, you must respond to the application questionspresented to upload any additional Required Materials (letter of interest, references, etc.) that were noted above.
#LI-Remote

----

Employment Eligibility:

----

Retirement Plan Eligibility:

----

Background Checks:

A criminal history background check will be required for finalist(s) under consideration for this position.

----

Equal Opportunity Employer:

The University of Texas at Austin, as an ,complies with all applicable federal and state laws regarding nondiscrimination and affirmative action. The University is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, or veteran status in employment, educational programs and activities, and admissions.

----

Pay Transparency:

The University of Texas at Austin will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.

----

Employment Eligibility Verification:

If hired, you will be required to complete the federal Employment Eligibility Verification I-9 form. You will be required to present acceptable and original to prove your identity and authorization to work in the United States. Documents need to be presented no later than the third day of employment. Failure to do so will result in loss of employment at the university.

----

E-Verify:

The University of Texas at Austin use E-Verify to check the work authorization of all new hires effective May 2015. The university's company ID number for purposes of E-Verify is 854197. For more information about E-Verify, please see the following:

• [PDF]
• [PDF]
• [PDF]
• [PDF]

----

Compliance:

Employees may be required to report violations of law under Title IX and the Jeanne Clery Disclosure of Campus Security Policy and Crime Statistics Act (Clery Act). If this position is identified a Campus Security Authority (Clery Act), you will be notified and provided resources for reporting. Responsible employees under Title IX are defined and outlined in .

The Clery Act requires all prospective employees be notified of the availability of the Annual Security and Fire Safety report. You may or obtain a copy at University Compliance Services, 1616 Guadalupe Street, UTA 2.206, Austin, Texas 78701.