Black Eagle Defense
Malware Analyst II with Security Clearance
Black Eagle Defense, Fort George Meade, Maryland, United States
Malware Analyst II with Security Clearance
Salary range $171,000 - $228,000/year.
Responsibilities
Conduct both dynamic and static analysis of suspicious code to establish malicious capability and determine potential impact.
Experience with host and network monitoring for analysis of malware execution & propagation methodologies.
Perform analysis on captured data, such as audit, log, network traffic, etc., to identify any intrusion‑related artifacts.
Understanding of operating system‑specific exploitation vectors.
Analyze malicious code by employing tools, scripting languages, and leveraging virtual machines/environments.
Support 24/7 monitoring of malware threats to networks, hosts, mission platforms, and boundaries.
Generate documentation of vulnerabilities and exploits used by malware in written reports.
Communicate written and verbal information in a timely, clear, and concise manner.
Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non‑repudiation).
Generate a technical summary of findings in accordance with established reporting procedures.
Develop and recommend mitigation strategies.
Develop signatures, techniques, and rules to identify malware vectors.
Collaborate with internal and external organizations to evaluate emerging threats.
Correlate data from multiple sources to identify probable threat actors.
Qualifications
Five (5) years of relevant, demonstrated experience.
Three (3) years of demonstrated experience with malware analysis.
Two (2) years of demonstrated experience with tools such as GHIDRA, SYSInternals, FireEye AX, or similar technologies.
One (1) year of demonstrated experience with the development of code in languages such as Python, Lua, C/C++, Ruby, or similar.
Certifications & Technical Proficiencies
DoD 8570 compliance with CSSP Analyst baseline certification.
Information Assurance Technical (IAT) Level I (possess one of: A+ CE, CCNA‑Security, CND, Network+ CE, SSCP) or Level II (possess one of: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP) certification.
Computing Environment (CE) certification requirements can be fulfilled with either Microsoft OS, Cent OS/Red Hat OS CE certifications.
Global Information Assurance Certification (GIAC) Certified Forensic Analyst (GCFA) certificate or Certified Reverse Engineering Malware (GREM) certificate.
Successful completion of the Splunk software training course "Fundamentals 1".
#J-18808-Ljbffr
Responsibilities
Conduct both dynamic and static analysis of suspicious code to establish malicious capability and determine potential impact.
Experience with host and network monitoring for analysis of malware execution & propagation methodologies.
Perform analysis on captured data, such as audit, log, network traffic, etc., to identify any intrusion‑related artifacts.
Understanding of operating system‑specific exploitation vectors.
Analyze malicious code by employing tools, scripting languages, and leveraging virtual machines/environments.
Support 24/7 monitoring of malware threats to networks, hosts, mission platforms, and boundaries.
Generate documentation of vulnerabilities and exploits used by malware in written reports.
Communicate written and verbal information in a timely, clear, and concise manner.
Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non‑repudiation).
Generate a technical summary of findings in accordance with established reporting procedures.
Develop and recommend mitigation strategies.
Develop signatures, techniques, and rules to identify malware vectors.
Collaborate with internal and external organizations to evaluate emerging threats.
Correlate data from multiple sources to identify probable threat actors.
Qualifications
Five (5) years of relevant, demonstrated experience.
Three (3) years of demonstrated experience with malware analysis.
Two (2) years of demonstrated experience with tools such as GHIDRA, SYSInternals, FireEye AX, or similar technologies.
One (1) year of demonstrated experience with the development of code in languages such as Python, Lua, C/C++, Ruby, or similar.
Certifications & Technical Proficiencies
DoD 8570 compliance with CSSP Analyst baseline certification.
Information Assurance Technical (IAT) Level I (possess one of: A+ CE, CCNA‑Security, CND, Network+ CE, SSCP) or Level II (possess one of: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP) certification.
Computing Environment (CE) certification requirements can be fulfilled with either Microsoft OS, Cent OS/Red Hat OS CE certifications.
Global Information Assurance Certification (GIAC) Certified Forensic Analyst (GCFA) certificate or Certified Reverse Engineering Malware (GREM) certificate.
Successful completion of the Splunk software training course "Fundamentals 1".
#J-18808-Ljbffr