Malware Analyst
Lockheed Martin Corporation - Arlington, VA


As a Malware Analyst (sometimes called a Reverse Engineer) supporting the US-CERT, the candidate examines malicious software, such as bots, worms, and trojans, to understand the nature of their threat. This task usually involves reverse-engineering the compiled executable and examining how the program interacts with its environment. The analyst may be asked to document the specimen's attack capabilities, understand its propagation characteristics, and define signatures for detecting its presence.
Applies an understanding of the information security, cyber security, and operational characteristics of a variety of computer platforms, networks, software applications, and operating systems.
Ability to explain to others the methods and techniques used in assigned work.
Evaluates and assesses operating practices to determine adequate risk management and compliance standards.
Is responsible for contributing, with limited supervision, to projects, programs, and initiatives with medium-threat and moderate scope. This is a 24/7 program and has three shifts. The shift for this position is yet to be determined.

Basic Qualifications
The successful candidate must:
1. Hold an information security certification, especially Global Information Assurance Certification (GIAC) Reverse Engineering Malware (GREM) and GIAC Certified Forensics Analyst (GCFA).
2. Hold TS Clearance with (in order of preference) active SCI, previous SCI, or eligible for SCI.
3. Have excellent written and oral communications skills.
4. Have sufficient reverse engineering/malware knowledge to work with minimal supervision and guidance, and be able to follow the directions of senior engineers in all aspects of malware analysis.
5. Possess some of the following skills:
a. Assemble the toolkit for malware forensics
b. Perform behavioral analysis of malicious Windows executables
c. Perform static and dynamic code analysis of malicious Windows executables
d. Intercept system and network-level activities in the analysis lab
e. Patch compiled malicious Windows executables
f. Shortcuts for speeding up malware analysis
g. Core concepts for reverse-engineering malware at the code level
h. x86 Intel assembly language understanding
i. Identify key x86 assembly logic structures with a disassembler
j. Patterns of common malware characteristics at the Windows API level
k. Work with PE headers of malicious Windows executables
l. Handle DLL interactions and API hooking
m. Manual unpacking of protected malicious Windows executables
n. Capability to subvert anti-analysis mechanisms built into malware
o. Analyze protected malicious browser scripts written in JavaScript and VBScript
p. Reverse-engineer malicious Flash programs
q. Analyze malicious Microsoft Office (Word, Excel, PowerPoint) and Adobe PDF documents
r. Examine shellcode in the context of malicious files
s. Analyze memory to assess malware characteristics and reconstruct infection artifacts
t. Use memory forensics to analyze rootkit infections.

Desired skills
1. Demonstrate experience in a Dept. of Homeland Security (DHS) information technology environment, especially the US-CERT environment.
2. Understanding of Einstein capabilities and operation.
3. Understanding of US-CERT processes, business rhythms, reporting, and associated tools, especially those used in incident handling/processing.
4. Experience with incident analysis tools such as:
a. EnCase
b. ByteBack
c. Sleuth Kit
d. Autopsy
e. Maresware
f. The Coroner's Tool Kit
g. Paraben

Security Clearance
TS/SCI

LMCareers Business Unit
ESS0997 IS&GS-CIVIL (S8200)

Business Area
Info Systems & Global Sol

Program
QinetiQ/US-CERT

Department
7248024:BPS - CRM Programs

Job Class
Information Security/Information Assurance

Job Category
Experienced Professional

City
Arlington

State
Virginia

City/Building Location
US-CERT, 1110 N Glebe Road 9th Floor Arlington, VA 22201

Virtual
No

Relocation Available
Possible

Work Schedule
FLEX-Non-Standard 40 hour week

Req Type
Blue Sky

Direct/Indirect
Direct

Shift
