The Senior Malware Engineer will be responsible for reverse engineering, malware analysis, and incident detection and identification for a civilian federal agency. The successful candidate must have experience with the following: computer forensics, malware analysis, and incident management. The candidate must be able to: remove known/custom packers, protectors, and crypters that are used to obfuscate/protect malware; perform static analysis of malware is using Assembly language (x86) or C/C++ and IDA Pro/Debuggers to determine malware functionality; Identify process/thread/kernel manipulation in malicious code; interact with running programs to perform analysis; create comprehensive reports on malware analysis and artifact discovery. An in-depth knowledge of Windows Operating System Internals (Kernel, Registry, File system, Windows APIs) is required.
The position requires strong collaboration skills. This is a team environment, and requires willingness and ability to cross-train in various cyber security areas, multi-tasking, and change activities and directions quickly. A strong desire to be on the bleeding edge of federal cyber security analysis and forensics required.
The position requires some domestic travel and an ability to work with clients resident in multiple time zones.
General Description of Duties:
1. Continuously monitor multiple network full packet capture systems to detect and identify potential malware incidents.
2. Perform dynamic and static analysis and reverse engineer suspected and confirmed malware to determine potential data loss and origin.
3. Write response kits for a variety of malware.
4. Other duties as assigned.
Education: Bachelor’s degree in a related field or equivalent experience. Certified Reverse Engineering Analyst (CREA) and advanced CREA certifications strongly desired.
Experience: Minimum of 8 years IT/technical experience is required, to include 4 or more years of progressive information security experience. Experience with tools such as Wireshark, IDA Pro and OllyDbg is desired.
Skills: The position requires a demonstrated capacity to identify and analyze malware through reverse engineering identified anomalies and to follow specific incident management procedures. Excellent technical, writing, and presentation skills are required. Requires excellent organizational skills and attention to detail, excellent customer service skills, working knowledge of Microsoft Office, ability to multitask, and excellent written and verbal communication skills.
Unique Requirements: Candidate will be subject to a security investigation and will need to meet eligibility requirements for access to classified information. Must be clearable to Top Secret (TS)/DOE Q. Prefer active DOE Q Security Clearance. Candidate must be available for some domestic travel.
US Citizenship is a requirement for this position. Candidate may be subject to a security investigation and may need to meet eligibility requirements for access to classified information. Security clearances are a plus.
Positive Attitude: Demonstrates the ability to look for opportunities in the midst of challenges; brings forth solutions to difficult situations and issues; delivers difficult communications with an eye towards lessons learned and opportunities to be gained at an individual, client, and company perspective.
Effective Communication: Communicate clearly and effectively when delivering verbal and written communications; speaking (and listening) is clear, empathetic, non-defensive and non-judgmental; builds strong, trusting, and rewarding relationships, thinks creatively, solve problems, and resolve conflicts.
Competence: Being current and forward thinking in one’s area of responsibility; demonstrating the ability to work through and anticipate challenges and issues proposing sound solutions to complex problems.
Commitment: Service driven perspective, understanding the importance and significance of your role and the impact of your performance on you, your team, the client, and the company. Demonstrates a willingness to do what is needed to further the mission and vision of the company and client.
Resilience: The ability to be flexible in the face of changing employee, client, or company requirements and requests; recovers and redirects efforts appropriately in the face of any deviation or disruption in service or resources.
While performing the duties of this job, the employee is regularly required to talk, hear, and use hands to finger, handle or feel objects, tools, or controls. The employee is occasionally required to reach with hands and arms. Specific vision abilities required by this job include close vision. The employee must occasionally lift or move up to 25 pounds. All applicants will be required to consent to a pre-employment drug screening and may be subject to random testing thereafter.