DoD Program with GDIT.
Our Malware Engineer will analyze code for malicious capability and determine the impact of the code on enterprise assets. The Engineer will be responsible for providing written reports on the nature and capabilities of the code and may be required to provide expert witness testimony and/or analysis findings in a court of law. The Engineer will be responsible for performing forensic analysis of IT systems to determine the impact of inadvertent or purposeful activities affecting the security of systems.
Essential Job Functions:
Demonstrate expert-level knowledge of network traffic and communications, including known ports and services
Demonstrate expert knowledge of the Windows operating system, expert knowledge in various Linux distributions and the Unix framework
Have expert-level knowledge of the following security-related technologies: IPS, IDS, SIEM, firewalls, DNS, encryption, HIDS, NIDS, proxies, network packet analyzers, malware analysis, forensic tools, and enterprise-level appliances
Demonstrate a deep understanding of various open source and commercial analysis tools used for reverse engineering
Demonstrate knowledge of and familiarity with the ARM instruction set
Demonstrate the ability to analyze complex malicious Windows programs in a reasonable time frame
Demonstrate expert technical ability in reverse engineering custom protocols used by malware
Demonstrate intermediate proficiency with one of the following programming languages: Python, C, C++, Ruby
Design and develop new systems, applications, and solutions for external customer's enterprise-wide cyber systems and networks.
Ensure system security needs are established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning, and provide analytical support for security policy development and analysis.
Integrate new architectural features into existing infrastructures, design cyber security architectural artifacts, provide architectural analysis of cyber security features and relate existing systems to future needs and trends, embed advanced forensic tools and techniques for attack reconstruction, provide engineering recommendations, and resolve integration and testing issues.
BS or equivalent + 14 yrs related experience, OR MS + 12 yrs related experience
Active Top Secret w/SCI eligibility
Certified Ethical Hacker (CEH) Certification
DoD 8570 IAT Level II Certification
DoD 8570 IASAE/CND Certification
6+ years of Incident and Malware analysis experience in the DOD or IC environment
Experience with cyber incident response based on formal U.S. government guidance (i.e. CJCSM 6510.01B)
Experience in planning, directing, and managing Computer Incident Response Team (CIRT) operations in an organization similar in size
Must have expert-level knowledge of the x86 instruction set
Have an understanding of DOD accreditation policies, processes, and practices