Reverse-engineer malicious software using malware analysis tools and techniques. Ability to research trends and countermeasures in computer/network vulnerabilities, exploits, and malicious activity. Develop and maintain in-depth knowledge and hands-on experience with computer network security techniques and best practices. Technical focus is on examining malicious programs and assessing malware threats. Candidate must be able to identify suspicious and malicious activity in a heterogeneous network environment and respond appropriately.
Daily activities include:
Conduct vulnerability assessments/penetration tests of information systems
Provide network protocol analysis, host forensics, network forensics
Provide Subject Matter Expertise in computer and network incident response and forensics
Proficient written and verbal communication with customer representatives
Research new and evolving threats and vulnerabilities with potential to impact the monitored environment
Read and understand network packet capture files
Monitoring and analysis of network and IDS information
Log collection, analysis, correlation, and alerting
Identification of suspicious/malicious activities
Identification and tracking of malicious code
Reporting malicious activity to client locations with recommendations for remediation
Review and management of incident resolutions
At least 1 year previous reverse-engineering malware experience as a primary job role and/or equivalent training and demonstrable proficiency.
At least 9-12 months experience with Nessus and/or BackTrack.
The following training is highly desired: SANS GSEC, SANS GCIA, SANS GCIH, CEH, OSCP.
Undergraduate degree in Computer Science, Computer Information Systems, or similar area of study or equivalent experience.
Must be willing to work various shifts in a 24x7 environment.
Expert knowledge of monitoring IDS sensors and other network log data sources
Expert knowledge of incident resolution and handling
Expert knowledge of common vulnerabilities and exploits
Expert knowledge of incident analysis and investigation
Strong knowledge of alarm investigation and validation
Strong knowledge of networking
Strong knowledge of common network protocol behavior
Strong knowledge of network traffic analysis tools
Excellent verbal and written communications skills
Excellent customer service skills
Experience with SIM/SIEM technologies desired
Qualified applicants must have a current DOE Q or TS clearance, or be able to pass the appropriate background investigations to attain one. U.S. Citizenship is required.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties, skills, or working conditions.
OnPoint Consulting is an equal opportunity employer who firmly supports and recognizes the value of diversity and inclusion in the workplace.
Candidates for this position will undergo a pre-employment background investigation.