Role: Cyber Operations Malware Analyst – Senior
Location: Fort Knox, KY OR Remote
Education/Certifications: MA/MS preferred; Security+; IAT Level III; Computing Environment Certification
Years of Experience: 10+
Clearance Level & Investigation: TS/SCI, SSBI
IA Cert Level (DoD 8570.01): IAT Level III (CISSP, GCIH, or GCED recommended)
Computing Environment Certifications: Required
Job Description:
Qualifications:
- Leads and participates in evaluation and analysis of complex malicious code through utilization of tools, including dissemblers, debuggers, hex editors, un-packers, virtual machines, and network sniffers.
- Responsible for providing findings in technical reports with details of malware, identification parameters, advanced capabilities, and mitigation strategies.
- Conducts research on malicious software, vulnerabilities, and exploitation tactics.
- Requires experience with application security, network security, reverse engineering, or malware.
- Requires strong knowledge of worms, viruses, Trojans, rootkits, botnets, Windows internals, and Win32 APL.
- Extensive experience required in programming (assembly and web) and system analysis with various tools, including IDA Pro, Ollydbg, PCAP tools, or TCP Dump.
- Must be professionally certified, within a Computer Network Defense (CND) discipline, as Technical Level Ill as defined by DODI 8570.
- Must hold TS/SCI clearance and SSBI investigation.
Specific Responsibilities:
- Provides support for defensive cyberspace operation by reviewing and evaluating network traffic, and identifying baselines to facilitate locating adverse network trends, anomalous traffic, or malicious cyberspace activity.
- Supports network analysis by performing hunting, clearing, hardening, and continual assessment operations as well as providing Cyber Threat Emulation (CTE) and Discovery and Counter-Infiltration (D&CI) capabilities.
- Provides surge support, technical guidance, and expertise in the areas of Cybersecurity to support Customer, Mission Partners, IMOs, ISSOs, IS Owners, Software Developers, Network System, and Database Administrators IAW all related cyber regulations and directives; provide results in reports, briefs, and deliverables as required to the appropriate Government representative.
- Provide Cybersecurity surge support in the event of real world or additional requirements in support of RMF compliance checks and documentation review across authorization boundaries, including, but not limited to:
- Perform security review preparation for all security controls associated with RMF applicable to an assigned authorization boundary based upon the Confidentiality, Integrity, or Availability designation.
- Perform on site or off-site reviews of all information systems to audit and validate compliance with associated security controls.
- Perform as reviewers of audit teams during inspections, assessments, evaluations, audits, etc.
- Provide reports to the assigned Government representative as required.
- Provide reviews, validation, and deliverable efforts in support of compliance or non-compliance IAW CCI, STIGs and SRGs for each finding or vulnerability IAW RMF.
- Provide embedded Cybersecurity support across Customer or other supported organizations as required.