Listing Description
Job Description
Mandiant is seeking a technical analyst to join our Cyber Espionage Intelligence team. The Cyber Espionage team identifies, tracks and reports on government-sponsored cyber espionage (APT) activity that takes place all around the world. This work supports corporate and government intelligence clients and other divisions of Mandiant.
The Principal Cyber Espionage Analyst will play an important role on our team, leading investigation and analysis of nation-state threats. The position will conduct in-depth technical analysis of malicious software (malware), campaigns, and the Tactics, Techniques and Procedures (TTPs) of nation-state sponsored actors. A particular emphasis will be on developing novel techniques for tracking advanced actors.
The role will work effectively and efficiently alongside the technical and threat analysts on the Cyber Espionage Team to produce timely, thorough and actionable reporting.
What You Will Do:
- Discovery, categorization, and attribution of nation-state malware and infrastructure, including in-depth malware analysis
- Creation of signatures to support the collection and detection of malicious activity
- Development of tools to support proactive hunting across public and proprietary data sets
- Contributing to reporting on these discoveries to inform FireEye Threat Intelligence customers about the above malicious activities
Qualifications
Minimum Requirements:
- 7+ years doing Malware Analysis including:
- Dynamic and static analysis of x86 Windows portable executable binaries
- Experience with x86 assembly language
- Experience with JavaScript, Perl, PowerShell, Python, Ruby, PHP, VBScript and other
- Decoding and decrypting of file data and network traffic
- 5+ years doing Campaign Tracking including:
- Experience creating file signatures leveraging malware detection platforms such as Yara
- Experience tracking adversaries via network infrastructure
- Experience correlating and attributing malicious activity
- Experience with finished threat intelligence
- Effective written and oral communication skills
Desired Qualifications:
- Experience with the dynamic and static analysis of multiple operating systems and file formats
- Experience disassembling multiple architectures
- Experience with the creation of file, host, and network signatures leveraging multiple malware and network detection platforms
- Experience developing decoders, decryptors, parsers, and other related tools based on malware, network traffic, and campaign analysis
- Experience developing tools to uncover targeted activity leveraging large data sets
- Experience producing finished intelligence products for multiple audiences
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute