Senior Windows Low-Level Engineer (EPP/EDR)

Skills
  • C ꞏ 3y
  • C++ ꞏ 3y
  • Python
  • Windows OS API kernel hooking ꞏ 3y
  • AV ꞏ 3y
  • Windows low-level kernel debugging ꞏ 3y
  • Win OS agent ꞏ 3y
  • Understanding ꞏ 3y
  • Tamper protection ꞏ 3y
  • Process monitoring ꞏ 3y
  • Network monitoring ꞏ 3y
  • MITRE ꞏ 3y
  • mini-filter driver ꞏ 3y
  • Malware reverse engineering and analysis ꞏ 3y
  • Kernel API hooking ꞏ 3y
  • File system monitoring ꞏ 3y
  • familiarity with malware life-cycle ꞏ 3y
  • EPP ꞏ 3y
  • EDR ꞏ 3y
  • Developing malware detection methods ꞏ 3y
  • Linux OS internals

Perlis Cyber Protection Labs is looking for a talented Windows OS internals - End Point Protection (EPP)/End Point Detect and Response (EDR) expert to join our team and develop the multi-platform (Windows and Linux) EDR agent.


Who are we?

Toga Networks is Huawei’s R&D center in Israel, and is one of the most influential technology companies around the world. Our company is composed of small, focused teams that act as independent thinking groups, seeking out future technologies that can serve Huawei customers worldwide.


About the group:

Perlis Cyber Protection Labs is responsible for researching innovative breakthrough product-oriented technologies for various cyber security products. The "End Point Detect and Response (EDR)" team is the “elite team” of the Huawei R&D centers and is responsible for tackling the most difficult security challenges that the EDR product line faces. These challenges are resolved through the innovation of skilled, experienced team members who bring strong engineering and research skills. Our disruptive security modules impact millions of Huawei customers around the globe and protect them from the most challenging cyber security threats, such as ransomware, crypto-miners, malicious scripts and more.


What will you be doing?

You will join a team of OS internals and networking experts together with security researchers and data scientists that research and implement advanced innovative cyber security capabilities.

  • Lead research autonomously.
  • Act as the technological leader working with overseas experts.
  • Team player who will work together with different experts with different responsibilities and backgrounds.
  • Responsibility for different types of research challenges, including:
  1. Advanced low-level monitoring capabilities – kernel & user spaces.
  2. Security research of agent tampering and malware monitoring evasions.
  3. Implementation of different detection mechanisms in collaboration with the data scientists and security experts.
  4. Designing and guiding the performance, operational and testing phases.


What do we want to see?

  • OS internals
    • 3+ years of experience in C/C++ development
    • 3+ years of experience in Windows OS API kernel hooking
    • File system monitoring (mini-filter driver)
    • Network monitoring
    • Process monitoring
    • Kernel API hooking
    • 3+ years of experience with Windows low-level kernel debugging
  • Cyber Security
    • 3+ years Malware reverse engineering and analysis
    • 3+ years Win OS agent (EDR/EPP/AV) Tamper protection
    • 3+ years of developing malware detection methods
    • Profound understanding / familiarity with malware life-cycle (MITRE)


Ways to stand out from the crowd:

  • Good communicator, people-oriented and team player
  • Capable of leading research from an idea to a pre-production solution
  • Python - advantage
  • Linux OS internals - advantage

Toga Networks