Job Summary

• Our culture is rooted in integrity, empathy, and shared enthusiasm, and we look for curious minds and courageous collaborators who bring sun-drenched optimism and drive.
• This role will support one or more direct or indirect contracts with the U.S. Federal Government which, due to federal government security requirements, mandates that all Workday personnel working on the contracts be United States citizens.
• The annualized base salary ranges for the primary location and any additional locations are listed below.

Matching Summary

Salary

Primary Location Base Pay Range: $159,600 USD - $239,400 USD; Additional US Location(s) Base Pay Range: $144,400 USD - $258,000 USD; Bonus/Equity: May be eligible for Workday Bonus Plan or role-specific commission/bonus, as well as annual refresh stock grants

Skills & Requirements

Key Requirements

• 8+ years of proven expertise in DFIR, malware analysis, or advanced threat hunting
• 5+ years of experience with Python, Go, or C/C++
• Expertise in Static and Dynamic Analysis of malicious binaries and scripts
• Deep experience with Forensic Suites and memory forensics tools
• Strong mastery of Intelligence Frameworks (MITRE ATT&CK, Diamond Model)
• Proficiency with disassemblers and debuggers (IDA Pro, Ghidra, x64dbg, GDB)
• Ability to reconstruct attack timelines by analyzing volatile memory, file systems, and registry hives
• Experience translating malware behaviors into YARA, Snort, or Sigma rules
• Experience hunting for forensic artifacts within large-scale SIEM platforms
• Experience building and maintaining automated malware analysis pipelines and custom sandbox environments
• Ability to explain complex analysis to non-technical stakeholders

Work Rights