Thursday, January 7, 2016

Malware Analyst

Senior Cyber Analyst (Malware)

Location: Reston, VA
Job Type: Contract to Hire or Contract (Open to either)
Salary: DOE



MUST BE a US CITIZEN

MUST BE ABLE to obtain a DoD Clearance

JOB DESCRIPTION

PROJECT BACKGROUND AND REQUIREMENTS

1. BACKGROUND 
The Inc Information Security GSOC (Global Security Operations Center) is responsible for the security of the networks and data. It is a 24 x 7 x 365 operation that provides around-the-clock intrusion detection and incident support to home markets around the globe. The GSOC is staffed with analysts with sophisticated cyber security skills. In support of Computer Network Defense, is seeking a Cyber Analyst Senior Principal with a focus on Malware Analysis. This position requires leadership and management of junior analysts.


2. REQUIREMENTS
• Must be a US Citizen.
• Must be able to obtain a DoD clearance.
• Incident Response Experience
• Experience with targeted malware analysis
• Proficiency with open source malware analysis tools
• Experience with Microsoft, Apple, and Linux-based operating systems.
• Ability to perform Behavioral/Static Malware Analysis
• Ability to read and interpret pcap data
• Ability to review and interpret host-based alerting
• Experience with SIEM platforms (ArcSight) - including content creation (channels, rules, reports)
• Eligibility to obtain/maintain a security clearance
• Shift Flexibility - ability to provide on call support when needed
• Ability to work greater than 40 hours per week as needed
• Ability to act as full-time on-call escalation point for security incidents
• Malware family identification: Yara experience is a must-have (Yara signatures)


Preferred Skills and Education:
• McAfee Access Protection

• Python/Perl/PowerShell Scripting
• Yara
• SANS (GREM, GCFE, GCFA, EnCE, CFE)
• InfoSec Institute (CREA)

3. JOB RESPONSIBILITIES/PROJECT TASKS
This position will be responsible for providing development of cyber security tools and support to the Security Operations group. Tasks may include the following elements:

• Perform triage analysis of malware samples.
• Provide malware family identification.
• Write Yara signatures to identify and Client malware.
• Work with Malware Reverse Engineer to create malware decoders.
• Monitor the SIEM tool for host-based signatures; tune and escalate accordingly.
• Monitor for new malware samples using subscription services.
• Support Security Operations by providing timely reports of relevant malware indicators for intrusion detection.
• Support the Forensic team's ability to Client active malware.
• Write custom scripts to de-obfuscate, decode and automate analysis process.
• Produce accurate, evidence-based, high-quality reports and presentations.

Sr Cyber Analyst - Malware Analysis
  • looking at malware all day
  • work with forensics Analyst
  • go through as many samples as possible 
  • deal with more targeted malware, custom code, to attack the network
  • GREM - reverse engineering malware cert
  • scripting, python - malware zoo/repository
  • open source experience
  • malware in virtual environment
  • write malware reports to hand over to forensics
  • work with reverse engineer to create custom decoders and parsers for malware
  • malware family identification -- Yara exp must have (Yara signature)
  • working with McAfee Access Protection


If qualified and interested, please send your most current resume as a Word document to Jason Weinstein at jason.weinstein@mondo.com

 
Jason Weinstein
Technical Recruiter, Mondo
P: 646-230-0876
Philadelphia, PA 19103

www.mondo.com