Malware Researcher

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information across enterprises, governments, and consumers.

Fueled by decades of security expertise, global threat research, and continuous innovation, Trend harnesses AI to protect organizations and individuals across clouds, networks, devices, and endpoints.

The Trend Vision OneTM enterprise cybersecurity platform accelerates proactive security outcomes by predicting and preventing threats across the entire digital estate and environments like AWS, Google, Microsoft, and NVIDIA.

Trend Micro Research is seeking a Malware Researcher to join our industry‑leading research team.

Trend Micro Research supports a global customer base including leading security product vendors, software vendors, and large enterprises with a set of industry‑leading technical data feeds, research products, and engineering services.

As a Malware Researcher, you will be part of a team that analyzes advanced malware samples using static and dynamic analysis with the primary goal of decoding and detecting malware communication mechanisms.

• Reverse‑engineer malware samples to identify malware communication mechanisms and analyze malware network traffic to develop Snort signatures.
• Produce documentation describing malware behaviour and detection strategies.
• Communicate research results to customers, team members, and management.
• Collaborate with team members to improve the analysis and response process.
• Monitor security industry publications, newsgroups and press releases to identify new or active malware threats.

• Advanced knowledge in reverse engineering on various architectures and platforms.
• Familiarity with debugging tools such as IDA Pro, Ghidra, WinDbg, OllyDbg, etc.
• In‑depth knowledge of modern operating systems including Windows and Linux.
• Knowledge of various encryption and obfuscation techniques used by malware.
• Experience with low‑level programming languages such as C/C++ or assembly language is a plus.
• In‑depth knowledge of TCP/IP and other networking protocols.
• RFC‑level understanding of popular protocols like HTTP, FTP, SMTP, SMB.
• Familiarity with tools such as Snort, Wireshark, Windows Sysinternals, and VMware.
• Experience or familiarity with Mitre ATT&CK Framework and STIX 2.x format for Cyber Threat Intelligence (CTI).
• Familiarity with scripting languages such as Python, Ruby, Perl, JavaScript, PowerShell or Bash.

• Ability to analyze and describe complex application behaviours.
• Experience in reverse engineering is a plus.
• Proficient English communication skills, both written and oral.

Bachelor's or Master’s degree in computer science or a related field preferred but not required.

Industry experience performing similar technical role preferred but not required.

At Trend Micro, we are committed to fostering a diverse, inclusive, and genuine workplace. If you’re enthusiastic about this position but find that your experience and background don’t perfectly match every qualification, we still encourage you to apply. You could very well be the ideal candidate for this position or others within our organization.

• Group benefits program with health and dental coverage
• Telehealth Virtual Health Services
• Life Insurance
• Short & Long Term Disability
• Pre‑partum, maternity, parental and medical leave
• Critical Illness Insurance
• Mental Health Wellness Program
• Wellness Incentive Program
• Retirement Savings Programs with company match
• Paid Time Off
• 14 Annual Holidays
• Tuition Assistance

We offer competitive compensation with bonus opportunity tied to company performance, along with room to enhance your skills through ongoing learning and broad technological opportunities.

No sponsorship will be provided for work permit applications or renewals for this position now or in the future. For applicants in the province of Ontario, Trend Micro Canada is committed to fair and equitable compensation practices.

Trend Micro Canada welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.