Title: Senior Malware Analyst

Location: Fort Meade, MD

Clearance: TS/SCI w/CI polygraph

Responsibilities:

• Conduct in-depth malware reverse engineering, including the analysis of malware samples, understanding their functionality, and identifying their purpose
• Utilize various tools and techniques, such as static and dynamic analysis, debugging, and disassembly, to analyze and dissect complex malware samples
• Develop custom scripts and tools to automate and streamline the reverse engineering process
• Identify and understand the techniques used by advanced threat actors, including zero-day vulnerabilities, exploit development, and advanced persistent threats (APTs)
• Collaborate with the SOC team to develop and implement countermeasures, such as antivirus signatures, intrusion detection system (IDS) rules, and mitigation strategies
• Provide expert guidance and advice to other SOC team members, assisting with incident response and malware analysis efforts
• Develop and deliver training materials to enhance the skills and knowledge of the SOC team in the field of malware reverse engineering
• Maintain up-to-date knowledge of the latest malware threats, vulnerabilities, and industry trends, sharing relevant information with the SOC team
• Contribute to the development of the organization's threat intelligence capabilities by producing high-quality analytical repo11s and assessments
• Liaise with external partners such as law enforcement, industry peers, and information­ sharing groups, to exchange information on threats and best practices

Requirements:

• Bachelor's degree preferred, with a minimum of 5 years of experience in malware reverse engineering, with a strong focus on advanced threats and sophisticated malware
• Expertise in reverse engineering tools and techniques, including IDA Pro, Ghidra, OllyDbg, and x64dbg
• Proficiency in programming languages such as C, C++, Python, and Assembly
• Strong understanding of operating systems, networking protocols, and software exploitation techniques
• Familiarity with various threat intelligence platforms such as MITRE ATT&CK framework and the Cyber Kill Chain
• Experience with monitoring threats through Tools, Techniques, and Procedures and how they relate to the MITRE ATT&CK framework
• Excellent written and verbal communication skills, with the ability to present complex information in a clear and concise manner
• The ability to communicate technical concepts to technical and non-technical audiences
• Capability to train and mentor staff and bring awareness to current and emerging threats
• Current active TS/SCI clearance w/CI polygraph required

Equal Opportunity Employer/Veterans/Disabled