Senior Malware Engineer
Contract to Direct M-F 40 hours weekly, 6+ months
Our Malware Engineer will analyze code for malicious capability and determine the impact of the code on enterprise assets. The Engineer will be responsible for providing written reports on the nature and capabilities of the code and may be required to provide expert witness testimony and/or analysis findings in a court of law. The Engineer will be responsible for performing forensic analysis of IT systems to determine the impact of inadvertent or purposeful activities affecting the security of systems.
Essential Job Functions:
- Demonstrate expert-level knowledge of network traffic and communications, including known ports and services
- Demonstrate expert knowledge of the Windows operating system, expert knowledge in various Linux distributions and the Unix framework
- Have expert-level knowledge of the following security-related technologies: IPS, IDS, SIEM, firewalls, DNS, encryption, HIDS, NIDS, proxies, network packet analyzers, malware analysis, forensic tools, and enterprise-level appliances
- Demonstrate a deep understanding of various open source and commercial analysis tools used for reverse engineering
- Demonstrate knowledge of and familiarity with the ARM instruction set
- Demonstrate the ability to analyze complex malicious Windows programs in a reasonable time frame
- Demonstrate expert technical ability in reverse engineering custom protocols used by malware
- Demonstrate intermediate proficiency with one of the following programming languages: Python, C, C++, Ruby
- Design and develop new systems, applications, and solutions for external customers' enterprise-wide cyber systems and networks.
- Ensure system security needs are established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning, and provide analytical support for security policy development and analysis.
- Integrate new architectural features into existing infrastructures, design cyber security architectural artifacts, provide architectural analysis of cyber security features and relate existing systems to future needs and trends, embed advanced forensic tools and techniques for attack reconstruction, provide engineering recommendations, and resolve integration and testing issues.
BS or equivalent + 14 yrs related experience, OR MS + 12 yrs related experience
- Active Top Secret w/SCI eligibility
- Certified Ethical Hacker (CEH) Certification
- DoD 8570 IAT Level II Certification
- DoD 8570 IASAE/CND Certification
- 6+ years of Incident and Malware analysis experience in the DOD or IC environment
- Experience with cyber incident response based on formal U.S. government guidance (i.e. CJCSM 6510.01B)
- Experience in planning, directing, and managing Computer Incident Response Team (CIRT) operations in an organization similar in size
- Must have expert-level knowledge of the x86 instruction set
- Have an understanding of DOD accreditation policies, processes, and practices
Job Status: Contract/Temporary