Job Description: What Does a Malware Analyst Do?

Malware analysts are experts at identifying cyber threats such as worms, trojans, bots, rootkits and viruses. These professionals protect digital assets from threats and work closely with other security experts in teams. Malware analysts also need to have the skills to reverse engineer malware, so companies can build defenses using binary footprints. Because of the reverse engineering aspect, most malware analysts are well versed in computer languages and decompiling programs.

Malware analysts dissect code. They are problem solvers who read binary as fluently as a second language. They must be able to decipher several coding languages, including Assembly. Once the analyst defines and understands malware code, they must also be able to create code that defends the network against cyber threats. Malware analysts sometimes work for antivirus companies, creating definition files to protect end users from the numerous zero-day malware programs created every day.

Malware Analyst Job Responsibilities and Duties

Malware analysts work closely with other security team members, including security analysts, architects, and administrators. They help design software to protect both hardware and software assets. They protect against outside cyber threats as well as any malware that could send data from the internal network to a hacker’s server. Malware analyst responsibilities normally revolve around software threats, but analysts can sometimes be part of network security teams to provide overall support for enterprise networks.

Job responsibilities include:

  • Document malware threats and identify procedures to avoid them
  • Analyze programs and software using analysis programs to identify threats
  • Classify malware based on threats and commonalities
  • Keep up-to-date on the latest malware threats and keep software updated to defend against them
  • Write alerts to let security personnel know about the latest threats
  • Help create documentation for corporate security policies
  • Train personnel and other team members on best security practices
  • Understand tools that identify zero-day cyber threats and work to protect against them
  • Participate in research and development of malware protection tools