Malware Forensic Analyst

Loki Labs Inc Fort George Meade, MD

  • Posted: over a month ago
  • $115,000 to $185,000 Yearly
  • Full-Time
  • Benefits: medical, vision, 401k, dental

Job Description

Your Role:

We are seeking an experienced cyber systems engineer to fill a Malware Forensic Analyst role to support a multi-functional cyber security program.

The candidate will join a dynamic team of world-class security experts and work in a collaborative, fast-moving environment on malware reverse engineering and digital forensics. This position involves engineering solutions to national security threats with analysis that may involve reverse engineering or vulnerability research of network and communication systems. The position requires solid system analysis skills, including a strong knowledge of tools and suites used for malware analysis such as debuggers and disassemblers.

We strive to maintain a positive working environment of highly skilled, confident, experienced security professionals who continually learn from one another and develop together as one of the industry's more formidable security assessment teams.

 

Responsibilities

  • Use expertise in malware reverse engineering and analysis to evaluate and analyze complex malicious code through the use of static and dynamic malware analysis tools, including disassemblers, debuggers, virtual machines, hex editors, and un-packers.
  • Perform research in the area of malicious software, vulnerabilities, and exploitation tactics, and recommend preventative or defensive actions.
  • Conduct reverse-engineering for known and suspected malware files. Investigate instances of malicious code to determine attack vector and payload, and to determine the extent of damage and data exfiltration.
  • Produce reports detailing attributes and functionality of malware, and indicators that can be used for malware identification/detection, to include behavior, identified infrastructure used for command and control, and mitigation techniques. Analyze the relationship between a given sample of malware and other known samples/families of malware, and notable features that indicate the origin or sophistication of the malware and its authors.
  • Develop network and host-based signatures to identify specific malware. Recommend heuristic or anomaly-based detection methods.
  • Provide subject matter expertise in the detection, analysis and mitigation of malware, trends in malware development and capabilities, and proficiency with malware analysis capabilities.
  • Support the maintenance of malware analysis platforms and tool sets, identify requirements for new malware analysis capabilities, and contribute to the development of new malware analysis tools and techniques.

 

Requirements

  • Active Top-Secret Clearance with eligibility to obtain an SCI Clearance and complete a CI Polygraph
  • Bachelor’s degree in Computer Science/ Management of Computer Information/ Information Assurance or Security. Relevant comparable technical experience may be substituted for degree requirements.
  • Minimum of 10 years of progressively responsible experience in cyber security, incident response, forensic investigations, with at least 8 years of experience specifically conducting cyber forensic investigation independently and 3 - 5 years of experience leading a team of cyber forensic examiners
  • Cyber Security Forensic Specialist - IAT Level III or CND-IR certifications and CISSP, or ability to obtain within 6 months of hire

 

Additional requirements:

  • Detailed understanding of computer networking (e.g., TCP/IP, HTTP, SSL)
  • Strong understanding of Windows internals: XP, Vista, Win 7/8/10
  • Python scripting to automate analysis and reverse engineering tasks
  • Strong knowledge of tools used for malware analysis such as debuggers and disassemblers
  • Strong understanding of Microsoft System Internals and Windows APIs
  • Experience with commercial tools, like EnCase, X-Ways, or Binary Ninja
  • Experience with open-source tools, such as Radare2, Metasploit, and OWASP ZAP
  • Familiarity with Atlassian suite and VMware products
  • Functional experience working with military / Department of Defense Cyber community
  • Ability, willingness, and desire to train junior analysts in malware and vulnerability analysis and tools
  • Experience in IoT debugging
  • OSCP, GREM, and/or SANS DFIR certifications
  • iOS/Android experience in vulnerability research
  • Participation and success in previous cyber flag exercises
  • Analyzes and assesses infrastructures for potential vulnerabilities that may result from improper configurations, hardware or software flaws, or operational weaknesses
  • 2+ years IDA Pro (or similar tool)
  • 2+ years in debugging and performance tools (windbg/gdb/hex-rays/valgrind)
  • Experience with virtualized environments and able to navigate and use a hybrid cloud to enhance workflows and analysis
  • Ability to quickly make prioritizations and determinations that lead to actionable decisions.
  • Skilled teammate to work together with a team to produce results quickly
  • Ability to communicate technically complex problems to various audiences
  • When required, can work outside of normal working hours and weekends as needed to support the customer’s needs
  • Able to work in a fast-paced environment
  • Excellent written and oral communication skills, and ability to communicate complex concepts and results to all levels of leadership, internal technology teams and other stakeholders. Ability to articulate vision, planning, analysis process, and results in business terms.
  • Comfortable working in a dynamic and changing environment. Ability to apply creativity and analytical skills to deliver best in class solutions despite loosely defined requirements.

Travel Requirements

5 - 10% travel as required by the program.

 

Role Type

This position will be a full-time position, based in Fort Meade.

 

Compensation and Benefits

Market rate salary based on candidate experience, location and qualifications.

Standard entitlements to health care insurance contributions, 401K contributions, paid time off, and annual bonus program in line with company policies.

Company Description
We are a mission-driven team with a passion for protecting people. Our team consists of veterans of the DoD and US Intelligence Community, many of whom have held top roles supporting offensive and defensive cybersecurity efforts. With decades of experience, we understand the severity of the modern threat landscape. More importantly, we know what it takes to stop those threats. This first-hand knowledge and training give our engineers a unique perspective, enabling us to deliver the insight needed to make organizations more secure. We serve clients in various industries and backgrounds, including Defense, Intelligence Community, Financial Services, and Fortune 500 Commercial Corporations.

Loki Labs Inc

Why Work Here?
Dynamic, collaborative and fast-moving team of world-class security experts with a passion for protecting people

Address

902 Reece Rd

Fort George Meade, MD
USA

Industry

Legal
