This task requires knowledge of computer network theory, ability to understand communication methods and malicious properties, and TTPs of advanced persistent threats. Additionally, this task requires technical knowledge of malware analysis, incident handling, ethical hacking, and drafting and implementing security incident response policies.
Daily activities include:
- Employs engineering techniques and processes to analyze software to identify vulnerabilities
- Re-creates programs to rebuild something similar, exploit their weaknesses, or strengthen their defenses
- Develops design specifications by inspection and analysis to offset various malware and to protect and defend USCYBERCOM infrastructure
- Develops, researches, and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption
- Conducts vulnerability assessments/penetration tests of information systems
- Ensures software standards are met; designs, develops, documents, tests, and debugs applications software and systems that contain logical and mathematical solutions
- Performs in-depth detailed research of software and methodologies to build defensive and offensive technical capabilities for USCYBERCOM
- Participates in formal technical briefings and proposals
- Performs system analysis, reverse engineering, and static, dynamic, and best-practice malware analytical methodologies on Windows, Android, or UNIX-based platforms
- Has an in-depth understanding of security concepts, protocols, processes, architectures, and tools (authentication and access control technologies, intrusion detection, network traffic analysis, incident handling, media/malware analysis, etc.), malware and programming skills to include C/C++ and Assembly language, and detailed understanding of how network-based attacks work at the operating system and/or protocol level
- Minimum of five (5) years of experience as a Malware Analyst
- Minimum of a Bachelor’s Degree from an accredited college or university in Computer Engineering, Computer Science, Cybersecurity, or related discipline
- A minimum of DoD 8140/DoD 8570 IAM Level I Certification
- Strong attention to detail and organizational skills.
- Excellent communication skills.