
Cyber Forensics and Malware Analyst

BCMC
Ashburn, VA
  • Posted: over a month ago
  • Full-Time
Job Description

This position requires Active TS/SCI Security clearance.

Primary Responsibilities:

  • Perform long-term and time-sensitive in-depth technical analysis of malicious code (malware), analyze the inner workings, and develop defensive countermeasures.
  • Conduct malware analysis using static and dynamic methodologies (e.g. debuggers [OllyDbg], disassemblers [IDA Pro], sandbox execution, etc.)
  • Produce malware reports to disseminate to the watch floor and enterprise
  • Perform technical analysis against target systems and networks, characterize target network capabilities and vulnerabilities, and support development of new techniques to exploit targets.
  • Perform analyses of cyber activities to identify entities of interest; their methods, motives, and capabilities; determine malicious behavior; and recognize emergent patterns and linkages to visualize the larger picture of cyber-based operations.
  • Discover unknown, suspicious or exploitation activity, and provide briefings of intrusion set activity to partner organizations/agencies.
  • Write forensics and/or incident response reports, investigate computer attacks, and extract data from electronic systems.
  • Perform technical analysis for exploitation of an identified activity that is of an unknown or suspicious origin.
  • Help define requirements and identify gaps for performing remote compromise assessments
  • Perform as a senior analyst and liaison between the customer and NOSC while performing remote assessments
  • Train team members on analysis, tools and reporting.
  • Work with the Splunk team to implement, enhance, or change existing use cases
  • Pivot on the forensic data working with the Cyber Threat Intelligence team to determine if the malware is part of a larger campaign, how DHS is being targeted, and what further remediation is required
  • Lead remote compromise assessments and produce final assessment report
  • Provide input for NOSC improvement and identify visibility gaps for enterprise monitoring
  • Potentially travel to other DHS locations (1-3 times/year) to support Incident Response investigations
  • Develop and maintain SOPs and ROE templates

BASIC QUALIFICATION:

  • In lieu of a BS degree, 12 or more years of continuous cyber network and vulnerability/malware analysis experience will be considered on a case-by-case basis.
  • Experience in supporting malware analysis and forensics in cyber operations, and/or federal law enforcement.
  • Experience reverse engineering and analyzing malware and developing a malware analysis report
  • Understand and utilize Threat Intel Frameworks (e.g. Cyber Kill Chain, MITRE ATT&CK, Diamond Model)
  • Hands-on experience with EnCase, FTK, FireEye HX, Volatility, Security Onion, Suricata, Gigamon, VMware ESXi, Splunk
  • Signature (e.g. Snort, YARA, Suricata) development/tuning
  • Proficient working in Windows and Linux operating systems
  • Experience with any of the following malware analysis tools: Wireshark, OllyDbg, IDA Pro, Regshot, tcpdump, WinHex, WinDbg, or PEiD.
  • Experience writing scripts/tools to build analysis capabilities, including applying basic analytic methods such as computer programming (Java, Perl, C, etc.) and debugging programs.
  • Experience with the CNO and SIGINT tools and databases relevant to the customer mission. Extensive knowledge of network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc.)
  • Experience with network topologies and network security devices (e.g. firewall, IDS/IPS, proxy, DNS, WAF, etc.)

PREFERRED QUALIFICATION:

• Proficient in one or more of the following languages: Python, Bash, Visual Basic or PowerShell, in order to support cyber threat detection or reporting
• Demonstrated ability to develop and implement hunt methodologies for fly-away assessments and for the NOSC

REQUIRED CERTIFICATION: At least one from below.

CCFP – Certified Cyber Forensics Professional
CCNA Security
CCNP Security
CEH – Certified Ethical Hacker
CHFI – Computer Hacking Forensic Investigator
CISSP – Certified Information Systems Security Professional
ECES – EC-Council Certified Encryption Specialist
ECIH – EC-Council Certified Incident Handler
ECSA – EC-Council Certified Security Analyst
ECSS – EC-Council Certified Security Specialist
EnCE – EnCase Certified Examiner
ENSA – EC-Council Network Security Administrator
GCFA – GIAC Certified Forensic Analyst
GCFE – GIAC Certified Forensic Examiner
GCIH – GIAC Certified Incident Handler
GISF – GIAC Information Security Fundamentals
GNFA – GIAC Network Forensic Analyst
GREM – GIAC Reverse Engineering Malware
GWEB – GIAC Certified Web Application Defender
GXPN – GIAC Exploit Researcher and Advanced Penetration Tester
LPT – Licensed Penetration Tester
OSCE – Offensive Security Certified Expert
OSCP – Offensive Security Certified Professional
OSEE – Offensive Security Exploitation Expert
OSWP – Offensive Security Wireless Professional
CIRC
FIWE
WFE-E-CI
FTK-WFE-FTK

Our Company Overview:

Business Computers Management Consulting Group, LLC (BCMC) is a small business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We employ highly skilled engineers who provide innovative solutions backed by strong past performance. We are ISO 9001:2015, ISO 27001:2013, ISO/IEC 20000-1:2018, and CMMI Level 3 certified and registered, promising the highest quality of service to all of our clients.

Benefits

Extremely competitive salary
95% employer paid for employee medical, dental, & vision coverage
100% employer paid for employee life, short-term disability (STD) & long-term disability (LTD) coverage
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
11 standard holidays & 3 weeks of annual leave

Industry

Technology
