Listing Description
Typical Education and Experience:
6+ years work experience preferred
GIAC Reverse Engineering Malware [GREM] (or equivalent)
Experience with x64dbg, OllyDbg, IDA Pro
Experience with setting up a malware analysis lab (VMs, tools, etc.)
Experience working on a reverse engineering team or a security operations center
No degree required
Required Skills:
Malware Reverse Engineering, Disassembly, and Debugging
Ability to perform both Behavioral/Dynamic and Static malware analysis
Proficiency with open-source malware analysis tools
Extensive experience with Windows operating system internals
Experience analyzing PE files and comfortable working with various file types such as macros, .NET, Delphi, and C/C++-based programs
Ability to review and interpret host-based alerting
Experience with Endpoint Detection & Response (EDR) products
Experience with Endpoint Protection Platform (EPP) products
Malware classification/detection with YARA
Preferred Skills and Education:
Experience with ELF file format and Linux OS internals
Experience with analyzing both commodity and nation-state malware
Familiar with malware families (e.g. PoisonIvy, Gh0st RAT)
GREM/GCFE/GCFA (or equivalent)
Python/Perl/PowerShell Scripting
EnCE
Ability to read and interpret PCAP
FireEye Endpoint Protection (HX) experience
McAfee Access Protection (MCAP) experience
CREA
Perform triage analysis of malware samples
Manage a team of 1-2 malware analysts
Provide malware family identification
Write and tune YARA signatures to identify and discover malware
Monitor for new malware samples using subscription services
Support Security Operations by providing timely reports of relevant malware indicators for intrusion detection
Support forensic operations/endeavors
Write signatures for endpoint detection/protection platforms (EDR/EPP)
Create content in SIEM for host-based signature detection
Monitor SIEM tool for host-based signature detection; tune and escalate accordingly
Write custom scripts to deobfuscate, decode and automate analysis process
Produce accurate, high-quality, evidence-based reports and presentations
Working understanding of the Lockheed Martin Cyber Kill Chain®
Incident Response
Intrusion Analysis
Forensic Analysis
Eligible to obtain/maintain a security clearance at the Secret level
Listing Details
- Salary: $110000 - $130000
- Citizenship: US Citizen
- Incentives: Not Provided
- Education: Bachelor's Degree
- Travel: No Travel
- Telework: No Telecommute