Malware Analyst Reverse Engineer (Hybrid)

At Allstate, great things happen when our people work together to protect families and their belongings from life’s uncertainties. And for more than 90 years our innovative drive has kept us a step ahead of our customers’ evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection.

Your role in the team

The Allstate Information Security (AIS) department is responsible for managing cyber security at Allstate. This includes Governance/Risk/Compliance, Access Management, Network Security, and Threat Response Services. The department is responsible for ensuring confidentiality, integrity, and availability of Allstate systems.

We are seeking an experienced Malware Analyst/Reverse Engineer to perform malware analysis and reverse engineering in support of incident response, investigative analysis, threat hunting, and research on existing and emerging cyber threats. The role will involve in-depth analysis of static and behavioral analysis of complex malicious code utilizing various tools, including disassemblers, debuggers, hex editors, un-packers, virtual machines, and network sniffers. The candidate will perform the functions of malware analyst/reverse engineer and serve as a liaison for Threat Services for the Global Fusion Center, and mentor and collaborate with the threat hunting, incident handling/response, and forensics teams.

Key Responsibilities

• Use expertise in malware analysis/reverse engineering to evaluate and analyze complex malicious code
• Perform reverse engineering for suspected or known malware files, determining the TTPs associated with the code
• Develop custom tools designed to automate analysis
• Perform research around malicious software, vulnerabilities, and exploitation tactics, and recommend preventative or defensive action
• Produce detailed reports identifying attributes and functionality of malware, and IOCs that can be used for malware identification/detection, to include behavior, identified infrastructure used for command and control, and mitigation techniques
• Assist in identifying (hunting) and profiling threat actors and TTPs
• Develop host and network-based signatures to identify specific malware via heuristic and/or anomaly-based detection methods
• Participate in formal technical briefing and proposals
• Perform as an Information Security SME in the some of the following areas: Malicious code behavior; Threat Intelligence; Incident Response; Web Application; Program Languages; Operating System platforms (Windows, Linux, OSX, UNIX, VM Ware ESX); Networking (firewalls, IDS/IPS, packet capture)
• Providing mentorship and support to teammates regarding malicious file analysis/behavior, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development
• Capable of identifying need & driving solutions, and providing guidance, in an autonomous manner

Essential Criteria

• Advanced experience with reverse engineering tools like IDA Pro, Ghidra, OllyDbg, WinDbg, and BinaryNinja.
• Ability to reverse engineer binaries of various types including: x86, x64, C, C++, and .NET.
• Deep understanding of x86, ARM, and x64 architectures.
• Strong understanding of Windows Operating System Internals, Windows APIs, and writing and analyzing DLLs.
• Strong experience with programming languages (Python, Bash, PowerShell, Perl, C/C++, Go).
• Recent experience developing custom software and hardware tools to assist in performing reverse engineering and vulnerability analysis.
• Expert understanding of large, complex corporate network environments.
• 5+ years overall technical experience in either reverse engineering/malware analysis, threat intelligence, incident response, security operations, or related information security field.
• 2+ years’ experience performing direct reverse engineering/malware analysis.

Desirable Skills

• Obtained certifications in several of the following:
• SANS GIAC courses, GREM, CISSP, OSCE, OSCP, CREST CRT, CEH or tool-specific certifications
• Experience in penetration testing, ethical hacking, exploit writing, and vulnerability management
• Strong communication (oral, written, presentation), interpersonal and consultative skills, especially regarding white papers, briefs, and presentations.

Supervisory Responsibilities

• This job does not have supervisory duties.

Job Posting End Date: Thursday 25th of July [11:59pm]

Why join us?

Allstate NI is proud to be Allstate’s European Digital Centre of Excellence—recent winners of ‘Best Use of Cloud Services’ at the Belfast Telegraph IT Awards 2024, and recognised for our community and sustainability impact at the 2024 Business in the Community Awards and Gold accreditation for Environmental Responsibility.

We’re a product-driven, cloud-first organisation delivering real outcomes through modern technology, a digital product-centric talent model, and a culture rooted in engineering excellence. Our teams work in cross-functional structures, guided by an outcome-based delivery approach that accelerates speed, agility, and value.

We offer:

• A generous, flexible benefits package including annual leave, healthcare and dental cover, pension, and lifestyle discounts

• Access to world-class learning platforms and award-winning L&D

• Clear career paths, internal mobility, and a strong focus on growth

• A people-first culture with flexible working options

Be part of a high-performing, socially responsible organisation where your work has purpose, and your growth is supported every step of the way.

Statement on Fair Employment and Equal Opportunities

Allstate NI wishes to ensure equal opportunity is given to all job applicants. This company will not discriminate on the grounds of race, gender (including gender reassignment status), sexual orientation, religious belief, political opinion, marital status, age or disability.

We are an equal opportunities employer. We welcome applications from all suitably qualified persons. However, as women are currently under-represented in our workforce, we would particularly welcome applications from women. All appointments will be made on merit.

Applicants should note Allstate NI complete AccessNI background checks on all candidates offered a position.

Posting End Date:

18 July 2025 #J-18808-Ljbffr