Engineer Position

Context:

In the context of a collaboration with Cisco, we aim to improve state-of-the-art malware detection. We want to improve both the accuracy (i.e. a high detection rate and no false positives) and the speed of detection. We have a cluster of multicore machines dedicated to this task, as well as a large malware database. We are now in the process of interconnecting tools that perform various tasks (disassembly, processor emulation, concolic analysis, graph manipulation, graph analysis, machine learning, …) in order to achieve our goal: fast and accurate detection of malware.

Job description:

Making various tools cooperate and handling various executable formats raises a number of technical problems. We expect the candidate to help us solve these problems by integrating the various tools and possibly adding missing features or interfaces to existing tools, in order to obtain a complete and robust toolchain. In a second phase, we expect the candidate to help us build a high-performance distributed implementation of that toolchain based on a big-data technology that is yet to be defined (Spark, TensorFlow, …). The contract will last two years.

Requirements:

The candidate has an engineering degree or a PhD, and is able to program in the most widespread scripting and programming languages (Python, C, C++, Java, bash, …). The candidate is able to work in a team and to understand the research on malware in order to implement or reimplement new or existing algorithms optimally. The candidate has experience with setting up a big data framework (such as Apache Spark or similar) and optimizing it for the hardware and the algorithm to be implemented. Furthermore, the candidate has some experience in analyzing various executable formats (PE, ELF, …) for malware analysis. Some experience in machine learning and system administration would also be appreciated.