Malware Analyst ITC #625
Are you ready to make a difference?
Job Locations: US-LA-Bossier City
Category: Information Technology
Telecommuting Options: Telecommuting Not Allowed
This position is a part of the Focused Operations group within the CSRA Corporate Security Operations Center. The Malware Analyst role works closely with Cyber Threat Intelligence, Forensics, and Insider Threat to protect the company’s critical infrastructure. Daily duties will include reviewing malicious email and files received by CSRA, extracting Indicators of Compromise, and using the resulting data to create rules to block and detect similar activity in the future. There will be opportunities to cross-train and assist other divisions within the CSRA SOC during slow periods.
- Prioritize, analyze, and extract indicators of compromise from malware samples which pose a threat to the CSRA network
- Work closely with the Cyber Threat Intelligence division of the Focused Operations group to identify malware that originated from an APT actor
- Examine malware discovered by the Insider Threat and the Forensics divisions of the Focused Operations group to prevent further infections
- Perform deep-dive analysis into malware samples that have been attributed to APT actors in an effort to better understand their tactics, processes, and objectives.
- Aid the SOC Analysts with in-depth analysis that may have malware as a root cause.
- One of the following:
  - BS or equivalent + 5 years of related experience
  - MS + 3 years of related experience
  - 9 years of related experience
- GIAC GREM Certification (Required)
- Preference will be given to candidates who also possess one or more of the following:
  - GWAPT (SANS SEC542)
  - GPEN (SANS SEC560)
  - OSCP (Offensive Security)
  - OSEE (Offensive Security)
- Malware analysis lab design considerations, configuration, and use.
- Systems Administration Experience
- Must know what “Normal” looks like on various operating systems.
- Must be able to install, configure, and maintain both Linux and Windows operating systems.
- Must be familiar with virtualized operating environments.
- Must be able to identify evidence of rootkit activity.
- Experience with utilizing memory forensics for malware analysis with Volatility, Rekall, or similar application.
- Knowledge of anti-analysis techniques and the methods to defeat them.
- Detailed knowledge of Windows APIs and their usage in Malware through direct calls and API Hooking.
- Ability to extract malicious code and OLE objects from MS Office documents.
- Must identify exploit attempts, and be able to extract and analyze the attempted shellcode.
- Proficient with 32-bit and 64-bit disassemblers, debuggers, PE tools, and related applications such as:
  - IDA Pro
- Familiarity with process monitoring, flow analysis, network traffic, and system modification recording tools such as:
  - Wireshark / Tcpdump
  - Alternate Stream View
- Detailed and comprehensive report writing skills.
It’s simple. We’re passionate about the inspirational missions of our customers and we entrust our employees and teams to deliver exceptional performance to enable the safety, security, health and well-being of our nation.
Work With Exceptional Professionals
Our 19,000 employees understand that success is a matter of perseverance, courage, adaptability and experience. Our outstanding teams collaborate with our customers, business partners and each other to deliver the best technologies and solutions aligned to critical mission requirements. We remain focused on our customers at all times, demonstrate ethical leadership, commit to excellence in program execution, aspire to achieve great things, and are inspired to deliver exceptional results to help our customers succeed.
We Support Your Career Success
We provide the tools and resources to help you be successful, and our culture fosters an environment in which idea sharing and collaboration are essential. We are committed to providing our people with career opportunities, professional development, training, and internal mobility. CSRA’s continuous learning environment offers you the chance to develop new skills and knowledge at your preferred pace. Participate in one of our many training options to grow your skills and career.
What's In It For You?
Picture yourself in a place where your work can make a real difference to the safety, security, health and well-being of our nation, where teams effectively collaborate, and where your ideas can thrive. That place is CSRA - the largest provider of next-generation IT solutions and services to the U.S. government.
As a CSRA employee, you get to be part of an exceptional team supporting our nation’s most critical missions. We give you the tools to be successful; all you need to do is bring your best ideas, your energy and a desire to develop your skills, experience and career.
Next Generation Technology, Mission and Scientific Solutions, Enterprise Services IT, Cyber Security
Company Type: Public Company
Company Size: 10,001+