What it takes to be a malware analyst

The proliferation of ransomware and other attacks has increased demand for experts who can analyze how the software works and devise a response.

careertracker malware primary

The rise in ransomware attacks shows that malware is still very much a major cybersecurity problem for organizations. The professionals on the security team perhaps best suited to address the challenge are malware analysts.

“Cybersecurity incidents are on the rise around the world, with prominent recent examples including the worldwide WannaCry ransomware attack, and the need for experienced malware experts is outstripping the available supply of talent,” says Domini Clark, principal at Blackmere Consulting, a recruiter of information security professionals.

“We are seeing more positions titled ‘malware analyst’ in the market. However, other titles are related to this work, including security consultant or reverse engineer and threat researcher,” Clark says.

The majority of these roles are found in security consulting firms, security products companies and government contractors, versus enterprise environments, Clark says. However, there are exceptions to this with large organizations. “The truth is, many enterprise environments simply lack the resources to keep pace with dynamic threats, nor can they justify the spend for a team specific to malware analysis,” she says. “Instead, they rely on vendors for this intelligence.”

[Related: -->Polymorphic Malware: A Threat That Changes on the Fly]

As with other information security skills, there is a significant shortage of malware analysts, Clark says. A supply-and-demand search using Careerbuilder’s data portal, which pulled data from nationwide figures over the last two years, shows the title “malware analyst” resulted in 1,726 job postings and only 52 “active” candidates.

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.