What it takes to be a malware analyst

The proliferation of ransomware and other attacks has increased demand for experts who can analyze how the software works and devise a response.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

The rise in ransomware attacks shows that malware is still very much a major cybersecurity problem for organizations. The professionals on the security team perhaps best suited to address the challenge are malware analysts.

“Cybersecurity incidents are on the rise around the world, with prominent recent examples including the worldwide WannaCry ransomware attack, and the need for experienced malware experts is outstripping the available supply of talent,” says Domini Clark, principal at Blackmere Consulting, a recruiter of information security professionals.

“We are seeing more positions titled ‘malware analyst’ in the market. However, other titles are related to this work, including security consultant or reverse engineer and threat researcher,” Clark says.

The majority of these roles are found in security consulting firms, security products companies and government contractors, versus enterprise environments, Clark says. However, there are exceptions to this with large organizations. “The truth is, many enterprise environments simply lack the resources to keep pace with dynamic threats, nor can they justify the spend for a team specific to malware analysis,” she says. “Instead, they rely on vendors for this intelligence.”

[Related: -->Polymorphic Malware: A Threat That Changes on the Fly]

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.