Malware Analyst (Chantilly, VA or Bossier City, LA) US Citizenship Required – POC in Listing
Posted by Steve Fisher on March 8, 2018
To apply to this job, contact Steve Fisher.
Interested in consideration for this opportunity? Please forward a current resume, along with the best time to contact you and the best contact number, to Judy.Whipple@csra.com.
CSRA has an opportunity for a Malware Analyst in the Focused Operations Group within the CSRA Corporate Security Operations Center. The Malware Analyst role works closely with Cyber Threat Intelligence, Forensics, and Insider Threat to protect the company’s critical infrastructure. Daily duties will include reviewing malicious email and files received by CSRA, extracting Indicators of Compromise, and using the resulting data to create rules to block and detect similar activity in the future. There will be opportunities to cross-train and assist other divisions within the CSRA SOC during slow periods. This position may be located in either Bossier City, Louisiana or Chantilly, Virginia.
- Prioritize, analyze, and extract indicators of compromise from malware samples which pose a threat to the CSRA network
- Work closely with the Cyber Threat Intelligence division of the Focused Operations group to identify malware that originated from an APT actor
- Examine malware discovered by the Insider Threat and the Forensics divisions of the Focused Operations group to prevent further infections
- Perform deep-dive analysis into malware samples that have been attributed to APT actors in an effort to better understand their tactics, processes, and objectives.
- Aid the SOC Analysts with in-depth analysis that may have malware as a root cause.
- One of the following:
  - BS or equivalent + 5 years of related experience
  - MS + 3 years of related experience
  - 9 years of related experience
- GIAC GREM Certification (Required)
- Preference will be given to candidates who also possess one or more of the following:
  - GWAPT (SANS SEC542)
  - GPEN (SANS SEC560)
  - OSCP (Offensive Security)
  - OSEE (Offensive Security)
- Malware analysis lab design considerations, configuration, and use.
- Systems Administration Experience
- Must know what “Normal” looks like on various operating systems.
- Must be able to install, configure, and maintain both Linux and Windows operating systems.
- Must be familiar with virtualized operating environments.
- Must be able to identify evidence of rootkit activity.
- Experience using memory forensics for malware analysis with Volatility, Rekall, or a similar application.
- Knowledge of anti-analysis techniques and the methods to defeat them.
- Detailed knowledge of Windows APIs and their usage in malware through direct calls and API hooking.
- Ability to extract malicious code and OLE objects from MS Office documents.
- Must identify exploit attempts, and be able to extract and analyze the attempted shellcode.
- Proficient with 32-bit and 64-bit disassemblers, debuggers, PE tools, and related applications such as:
  - IDA Pro
- Familiarity with process monitoring, flow analysis, network traffic, and system modification recording tools such as:
  - Wireshark / Tcpdump
  - Alternate Stream View
- Detailed and comprehensive report writing skills.
CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
- Salary: Not provided
- Clearance Required: No
- Spouse Friendly: No