Cyber Threat Technical Intelligence Analyst
Ref No.: 18-13944
Location: Reston, Virginia
CLIENT is seeking a highly skilled cyber-defense expert to join CLIENT's Global Cyber-risk Defense Center (gCDC). The Cyber Threat Technical Intelligence Analyst will execute a range of malware analysis and cyber threat intelligence gathering duties within the gCDC. The successful candidate will work as part of a team that conducts analysis and assists investigations into cyber-attacks affecting CLIENT's global business units, lines of business, or information technology infrastructure. This position will report to a gCDC Cyber Threat Technical Intelligence Team Manager.
Position Responsibilities:
· Analyze malicious files to evaluate their attributes and functionality, including indicators that can be used for malware detection, the relationship between a given sample of malware and other known samples/families of malware, and notable features that indicate the origin or sophistication of the malware and its authors.
· Provide operational support to the gCDC Incident Response and Monitoring analyst teams with analysis and reverse engineering of suspicious binaries and host artifacts of interest to characterize functionality and capability through static and behavioral analysis tools and techniques.
· Assist in Incident Response events with investigation, mitigation and remediation.
· Create detailed reports for malware, trends in malware development and capabilities, and TTPs.
· Support the maintenance and creation of malware analysis platforms and tool sets. Identify requirements for new malware analysis capabilities, and contribute to the development of new malware analysis tools and techniques.
· Identify new tools, techniques and procedures (TTPs) across multiple sources of intelligence and convert intelligence into actionable mitigation and technical control recommendations.
· Provide ad-hoc cyber intelligence briefings and threat summaries as needed.

Position Requirements:
· Minimum of three years' experience in a hands-on technical role as a network forensic analyst and incident responder.
· Experience as a malware analyst / reverse engineer.
· Experience leveraging reverse engineering tools, such as IDA Pro, WinDbg, Immunity, OllyDbg and others.
· Demonstrate knowledge and proficiency using the tools and techniques required to successfully conduct dynamic and static analysis of binary samples.
· Possess programming and scripting skills (e.g. C/C++, .Net, Java, Perl, Python).
· Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats.
· Excellent communication and presentation skills with the ability to present to a variety of external audiences, including senior executives.
· Excellent written communication skills.
Experience: Minimum of three (3) years of practical experience with security monitoring, event and anomaly analysis, intrusion detection/prevention, incident response or malware analysis.

Formal Education & Certification
• Bachelor of Science in Computer Science, Information Systems, or Software Engineering preferred, or relevant military or law enforcement experience.


• Preferred Certifications:

o GIAC Reverse Engineering Malware (GREM)
o GIAC Certified Forensic Analyst (GCFA)
o GIAC Certified Intrusion Analyst (GCIA)
o GIAC Certified Incident Handler (GCIH)

** NOTE: An equivalent combination of experience, education and/or training may be substituted for the listed minimum requirements.
WORKING CONDITIONS
Occasional travel may be required, but less than 10% of the time. Analyst will be required to be on call.