MALWARE REVERSE ENGINEER
Candidate MUST HAVE a TS/SCI and Polygraph security clearance in order to be considered.
The contract provides Computer Network Defense and Analysis (CND) to the customer's network. Because the customer allows their user community to access their personal email accounts while on site, there is a lot of spam hitting their network regularly. This contract is responsible for the 24 x 7 x 365 protection of the customer's network from maliciously intended viruses and attacks on their network.
The Cyber Security Forensic Specialist - Senior on this Cyber Security Operations and Engineering support contract performs the following duties:
- Performs overall network defense activities
- Provides in-depth analysis of suspected malicious code and/or infected/compromised systems and network devices
- Performs necessary inspection and reverse-engineering activities to understand the behavior of the software and the root cause for its presence
- Develops recommendations on how to counter or mitigate the threat
- Expert-level knowledge and experience in malware reverse engineering using static and dynamic analysis tools, including disassemblers, debuggers, virtual machines, hex editors, and unpackers, both commercial (IDA Pro, Hex-Rays, WinDbg, etc.) and open source (e.g., OllyDbg)
- Expert-level experience in malware reverse engineering to determine attack vectors, payloads, exfiltration mechanisms, etc. on one or more of Linux, Windows, or Mobile Platforms
- Experience writing code (C, C++, Python, Perl, Java, PowerShell, assembly language, etc.)
- Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques
- Advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats
- Experience using EnCase, FTK, and Open Source methods and tools to perform Computer Forensic investigations
- DOD8570 IAT Level III or CND-IR
- BS (bachelor's degree in electrical engineering, computer engineering, computer science, or other closely related IT discipline)
- Familiarity with the following classes of enterprise cyber defense technologies:
- Security Information and Event Management (SIEM) systems
- Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
- Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)
- Network and Host malware detection and prevention
- Network and Host forensic applications
- Web/Email gateway security technologies
- Behavioral based threat models like Cyber Kill Chain, etc.
- Familiarity with Linux OS and mobile iOS/Android forensics
- Network protocols and networking concepts
- Windows Operating System internals and Windows APIs
- PE file format and experience parsing structured or unstructured data
Job Type: Full Time