Sr. Malware Analyst

Full Time
Charlotte, NC
Areas of Interest: Test and Evaluation, Vulnerability Assessment and Management
report a problem

PhishMe is seeking a motivated Sr. Malware Analyst to join our Phishing Defense Team. The Sr. Malware Analyst will in-depth analysis of phishing threats reported by our customers and provide details and guidance to help customer mitigate threats. The ideal candidate will be able to work both independently on analysis and share intelligence from analysis with other team members. The candidate must have excellent written and verbal communications skills and be a team player willing to adjust to the dynamic needs of a growing company.


  • Serve as escalation point for in-depth analysis of phishing threats reported by the customer
  • Identify malicious nature of the threat and provide details and guidance to the customer on how to mitigate the threat
  • Maintain ownership of cases opened for customers including updating cases, communicating with the customer, and documenting resolution
  • Serve as subject matter expert during life-cycle of customer relationship
  • Build and/or maintain malware analysis labs
  • Proactively identify and propose solutions to improve services
  • Provide mentorship and training to Jr staff members
  • Write blogs or papers on malware topics for public consumption
  • Work with engineers on product improvements that help add efficiency and effectiveness to our services
  • Collaborate with various teams on malware research
  • Gather intelligence information from analyzed malware in a way that can be consumed and disseminated to our customers via various product platforms
  • Produce monthly customer reports
  • Maintain adequacy of skills by attending approved conferences, training, and other related events
  • Other duties as assigned


The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with PhishMe will be voluntarily entered into and your employment is considered at will. PhishMe reserves the right to alter the job description at any time without notice.


  • Minimum of 5 years of general security experience and at least 3 years in malware analysis and defense experience including ability to reverse engineer malware to identify malicious nature and intent
  • Industry recognized certifications in Malware Analysis and/or Incident Response required
  • Demonstrate ability to apply critical thinking to cyber threat investigations
  • Demonstrated verbal and written communication skills that articulates cyber threat impact into business impact
  • Proficient in common technologies such as networking, operating systems, email Infrastructures such as Exchange and Office 365, anti-virus programs, and advanced threat detection systems
  • Proficient in common end-user applications such as web browsers and productivity applications such as MS Word, Excel, and PowerPoint that are commonly targeted by malware
  • 4 Year Degree in Computer Science or related field or demonstrated experience in the industry and cyber security


  • Competitive salary and stock options
  • 401k with company match
  • Health, vision, dental, disability, life insurance
  • Telecommuting expense reimbursement


  • Charlotte, NC Area

PhishMe is committed to equal employment opportunity. We will not discriminate against employees or applicants for employment on any legally recognized basis [protected class] including, but not limited to: veteran status, uniform service member status, race, color, religion, sex, national origin, age, physical or mental disability, genetic information or any other protected class under federal, state, or local law.

EEO Category


Share this job:

PhishMe, Inc.

End-to-End Phishing Mitigation - From the Inbox to the SOC
Our team developed the PhishMe® concept based on dozens of years of experience in penetration testing, social engineering, abuse management, incident response and forensics. As our founding team looked at the results of the annual assessment model we implemented for clients, we realized that to effectively combat phishing attacks, our customers needed to combine compelling exercises with dynamic, immersive training.

The company was incorporated in 2011, but the PhishMe service launched publicly in 2008. PhishMe is headquartered in Northern Virginia with additional offices in New York, and London.

Today, PhishMe is the leading provider of threat management for organizations concerned about human susceptibility to advanced targeted attacks. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process.

Our customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

Visit PhishMe, Inc.'s Social Media pages:
Company Type: Privately Held
Company Size: 201-500
One other job with this company: