Special Aerospace Security Services, Inc.
Malware Analyst
Special Aerospace Security Services, Inc., Washington, District of Columbia, US, 20022
Senior Malware Analyst
Location: Arlington, VA (Hybrid: Onsite & Remote)
Clearance Required: Active Secret (TS/SCI strongly preferred)
Employment Type: Full-Time, Regular

Job Description
Special Aerospace Security Services, Inc. (SASSI) is seeking a Senior Malware Analyst to support a U.S. Government customer. The ideal candidate will be a technical expert in malware analysis, capable of working independently with minimal to no technical training required. This role demands advanced proficiency in malware analysis disciplines including mobile forensics, file and software analysis, phishing/email analysis, and URL/domain analysis.
The selected candidate will be expected to handle everyday malware work (Tier 1 email analysis, file analysis of executables, etc.) at a senior level, while training will be focused only on Customer-specific processes and procedures.

Work Environment
This position is a hybrid role, with a required split between onsite support in Arlington, VA, and remote work. Candidates must be able to:
- Maintain a reliable presence during core business hours (8:30 AM to 3:30 PM EST, Monday-Friday, with flexible work hours between 7:00 AM and 6:00 PM).
- Be available onsite as scheduled for mission requirements, collaborative sessions, and classified work.
- Remain responsive and engaged during remote days, actively participating in meetings, incident response activities, and customer communications via Microsoft Teams, email, and other platforms.

Key Responsibilities
- Conduct advanced static and dynamic malware analysis to uncover behavior, capabilities, and delivery mechanisms.
- Perform reverse engineering using tools such as IDA Pro, Ghidra, Binary Ninja to analyze compiled code and embedded threats.
- Lead and conduct mobile device forensic investigations (iOS/Android).
- Conduct file and software analysis to detect malicious payloads, trojans, and obfuscation techniques.
- Perform email analysis to identify phishing attempts, malicious attachments, and social engineering vectors.
- Conduct URL/domain analysis to uncover malicious redirection, spoofing tactics, and C2 infrastructure.
- Capture and analyze volatile memory, logs, and artifacts from compromised systems.
- Develop detection signatures, IOCs, YARA rules, and threat models based on analysis.
- Collaborate with incident response, SOC, and threat intelligence teams.
- Produce detailed technical reports and risk analysis briefings for senior leadership.

Minimum Qualifications
- U.S. Citizenship (required).
- Active Secret clearance (minimum; TS/SCI preferred).
- Bachelor's degree in Cybersecurity, Computer Science, Digital Forensics, or related discipline (may be substituted with equivalent experience).
- 8+ years of malware analysis, reverse engineering, or forensic experience.
- Proven ability to operate as a senior-level analyst without technical training in:
  - Mobile forensics
  - File and software analysis
  - Email analysis (phishing detection)
  - URL/domain analysis

Required Skills & Tools
- Expertise in Windows/Linux internals, file systems, and executable formats.
- Strong knowledge of network protocols (TCP/IP, HTTP/S, DNS).
- Proficiency with malware analysis and forensics tools:
  - IDA Pro, Ghidra, Binary Ninja, Radare2
  - Volatility, Cellebrite, Oxygen Forensics, FTK, EnCase, X-Ways
  - Cuckoo Sandbox, ANY.RUN, VirusTotal Enterprise
- Scripting for automation: Python, Bash, PowerShell.
- Familiarity with MITRE ATT&CK, STIX/TAXII, and threat intelligence feeds.

Certifications
Required (one or more):
- CASP+ (CompTIA Advanced Security Practitioner)
- CISSP (ISC)² Certified Information Systems Security Professional
- GCED (GIAC Certified Enterprise Defender)
- GCIH (GIAC Certified Incident Handler)
Preferred (one or more):
- GREM (GIAC Reverse Engineering Malware)
- OSCP / OSCE / OSEP
- CEH (Certified Ethical Hacker)
- CREA (Certified Reverse Engineering Analyst)
- GCFA / GNFA

Education
Bachelor's degree in Cybersecurity, IT, Computer Science, or Digital Forensics (preferred; equivalent experience considered).

Job Type: Full-time

Benefits:
- 401(k)
- Dental insurance
- Health insurance
- Vision insurance