Listing Description
Senior Malware Analyst – Incident Response
Requisition #268107
Location: Richmond, VA; All FRS Locations; Remote Employment Eligible
The Richmond Fed is the proud home of the Federal Reserve’s National IT organization—a nationwide team delivering technology solutions and support across the Federal Reserve System (FRS). Many National IT employees are located in Richmond, while others are based across the U.S. at other Federal locations.
When you join our team, you’ll become part of a culture that welcomes differences, cares about our communities, and empowers each other to lead from where we are to make things better.
Bring your passion and we’ll provide challenging and purposeful careers in a variety of fields, opportunities to grow and a wide range of benefits and perks that support your health and wealth. It’s all part of what makes #MyRichmondFed a great place to work!
About the Opportunity
Our National Incident Response Team (NIRT), a national service provider for the Federal Reserve System (FRS), provides effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the FRS. NIRT’s mission is to play a leading role in the FRS’ efforts to protect its information systems against unauthorized use.
NIRT has an immediate opening for a motivated cyber security professional to join its Malware Analysis team as a Senior Malware Analyst. The role sits on our Cyber Investigations team, which detects, analyzes, and investigates malicious software and threats for NIRT's customers across the United States. The NIRT Malware Analysis service exists to support incident response and containment efforts and to generate tactical threat intelligence for use in ongoing security monitoring.
What You Will Do:
- Plan and build capabilities to establish and mature the malware analysis service and processes.
- Support incident response efforts with malware analysis to aid in containment and eradication of detected attacks.
- Create tactical threat intelligence through advanced analysis of malicious code.
- Evaluate and analyze complex malicious code through static and dynamic malware analysis tools, including disassemblers, debuggers, virtual machines, hex editors, and un-packers.
- Support the maintenance of malware analysis platforms and toolsets; identify requirements for new malware analysis capabilities; and contribute to the development of new malware analysis tools and techniques.
- Produce reports detailing attributes and functionality of malware, including indicators that can be used for malware identification/detection; the relationship between a given sample of malware and other known samples/families of malware; and notable features that indicate the origin or sophistication of the malware and its authors.
- Analyze a large volume of security event data from multiple sources to identify suspicious and malicious activity.
- Perform postmortem analysis of traffic flows.
- Conduct follow-up analysis throughout the incident life cycle.
- Lead projects and tasks associated with malware detection, analysis, and response.
- Provide operational support to augment SOC duties as needed. This includes periodic 24/7 on-call support and surge capacity during emergencies.
Qualifications:
- Bachelor’s degree in Computer Science or a related discipline.
- 5+ years of experience with security of multiple platforms, operating systems, software, communications, and network protocols; or an equivalent combination of education and work experience.
- Experience in malware analysis (Windows executables, exploits, scripts).
- Static (e.g. IDA Pro, Ghidra) and dynamic/behavioral malware analysis (e.g. OllyDbg).
- Software development experience: Python, REST APIs, SQL, regular expressions. C/C++ would be a plus.
- Skill in detecting and bypassing anti-analysis features in advanced malware.
- Skill in identifying obfuscation techniques.
- Strong knowledge of current security threats, techniques, and landscape; dedicated and self-driven desire to research current information security landscape.
- Strong conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services including networking protocols; firewall functionality; host and network intrusion detection systems, operating systems, databases, encryption, load balancing, and other technologies.
- Strong security platform and technology capabilities; SIEM utilization skills with the ability to review and analyze security events from multiple monitoring and logging sources to identify and/or confirm suspicious activity.
- Ability to analyze large data sets and unstructured data to identify trends and anomalies indicative of malicious activity, and capability to learn and develop new techniques.
- Malware analysis certification (e.g. GREM, CREA).
- Cyber-related certifications (e.g. CISSP, CEH, Security+).
- Flexibility and proven ability to learn new things/skills fast. Relentless curiosity, analysis, critical thinking, and problem-solving skills.
- Excellent reading and writing skills.
- Experience developing advanced technological ideas and guiding their development into a final product.
- Ability to obtain and maintain a National Security Clearance. Ability to obtain a clearance requires US Citizenship.
Discover the Reason Why So Many People Love It Here!
When you join the Federal Reserve’s National IT organization, not only will you find a challenging and purposeful career, you’ll also have access to a wide range of benefits and perks that support your health and wealth, including:
- Great medical benefits
- Pension and 401(k) with employer match
- Paid time off
- Tuition reimbursement
- Employee resource networks
- Paid volunteer leave
- Flexible work options
- Onsite amenities that make working here fun!
Other Requirements and Considerations:
- Candidates should review the Bank’s Employee Code of Conduct to ensure compliance with conflict of interest rules and personal investment restrictions. The Code is available on the About Us, Careers webpage at www.richmondfed.org.
- Sponsorship is not available for this role. The selected candidate is subject to special background check procedures including criminal check, credit check, and drug screen.
- By federal law, the candidate hired for this position must be able to obtain and maintain a National Security Clearance. Ability to obtain a clearance requires US Citizenship.
- The Richmond, VA hiring range for the Senior Malware Analyst (Cybersecurity Analyst- Senior) is $93,000 - $116,200 annually.
- The full Richmond, VA salary range for the Senior Malware Analyst (Cybersecurity Analyst- Senior) is $93,000 - $151,100 annually.
- Salary offered will be based on the job responsibilities and the individual’s knowledge, skills, and experience as defined in the job qualifications/experience. For candidates located outside of Richmond, VA, the salary range may be adjusted for your geographic location.
- Applications are reviewed on a rolling basis.
The Federal Reserve Bank of Richmond provides equal opportunity to all individuals without regard to race, sex, color, religion, gender identity or expression, sexual orientation, national origin, age, disability, or genetic information.
Listing Details
- Salary: $95000 - $125000
- Citizenship: US Citizen
- Incentives: Bonus
- Education: Bachelors Degree
- Travel: Travel 25
- Telework: Optional Telecommute