Cyber Operations Malware Analyst – Associate

WHO WE ARE:

STAHL Companies provides the Program Management for its Channel of Commercial Technology companies in Government that consist of Small Businesses and New Technology start-ups.

STAHL advocates for policies that can improve government services and maintain our government's competitive advantage, by bringing more technology into government programs.

STAHL Companies advocates on behalf of our nation's innovative, new technology and small businesses looking to work with the U.S. government. We do this by aligning the voice of our small business members with advocacy for change in federal policy that will make the government market more accessible to small businesses and the commercial technology ecosystem.

The Channel's founding Technical Board Members include former government leaders and IT executives passionate about bringing best-of-breed technology to the government.

Job Description:

Under general supervision, assists in the evaluation and analysis of complex malicious code through the utilization of tools, including dissemblers, debuggers, hex editors, un-packers, virtual machines, and network sniffers. Assists with providing findings in a technical report with details of the malware, identification parameters, advanced capabilities, and mitigation strategies. Provides research assistance in the area of malicious software, vulnerabilities, and exploitation tactics. Requires experience with application security, network security, reverse engineering, or malware. Requires knowledge of worms, viruses, Trojans, rootkits, botnets, Windows internals, and the Win32 API. Additional experience required in programming (assembly and web) and system analysis with various tools, including IDA Pro, Ollydbg, PCAP tools, or TCP Dump. Professionally certified, within a CND discipline, as Technical Level I as defined by DODI 8570 is a requirement.

We are seeking a skilled and experienced Cyber Operations Malware Analyst – Associate to join our team!

Successful Stahl Companies employees possess the following traits:

An ability to get things done: You are persistent, resourceful, results-oriented, and action-oriented. You constantly plan ahead and foresee issues before they occur.

Analytical: In order to improve your comprehension of the market and the demands and problems of your clients, you have good analytical abilities and are at ease reading quantitative data.

Creative mind-set: You are able to solve problems creatively and swiftly adjust. You possess a thorough understanding of product management principles and the ability to apply them when analysing data and making recommendations.

Emotional Intelligence: You have a strong sense of self and excellent perception of how important relationships function. You are upbeat, sympathetic, adaptable, and inquisitive. Your genuineness, warmth, and competence help you win the respect of your co-workers.

Trustworthy: You have a strong sense of morality, principles, and purpose. You are trustworthy because of how you conduct yourself. You are a living example of the company's values.

Responsibilities:

• You will work with a team of like-minded professionals to share and collaborate upon your ideas to improve the cybersecurity infrastructure, architecture, and configuration deployments
• The Cyber Threat Analysis Division's (DS/CTI/CTAD) Technical Analysis and Special Operations (TASO) team performs advanced cyber threat network hunting, advanced technical analyses (e.g. analysis of malicious code, network traffic, and Web log data), and forensic review of hard drives, mobile devices, and other storage media
• Performing Dynamic and static analysis of malware, or suspected malware, to determine functionality and capability
• Perform behavioral analysis through sandboxing and leveraging virtual machines to simulate enterprise environments
• Reverse engineer malware samples through the use of debugging tools
• Provide a written technical report related to the scope, nature, and characteristics of identified malicious code
• Identify malware IOCs, TTPs and recommend appropriate counter measures
• Perform advanced network threat hunting to detect malicious or suspicious behavior on Department on-premises and cloud-based networks
• Respond to security events received from CIRT and provide comprehensive findings and recommended remediation steps

Qualifications:

• Bachelor's Degree and a minimum of 9 years relevant experience
• Required Secret security clearance with the ability to obtain Top Secret clearance
• Must be able to work a hybrid schedule
• Possess or be able to obtain within six months, one of the following certifications: GREM, CASP+ CE, CCNA, CEH, CISSP, CySA+, or GCIH
• Demonstrated experience performing static and dynamic analysis techniques
• Experience using sandbox and other simulated networked environments for analysis
• Strong critical, creative, and analytical thinking skills
• Expertise in discovering, analyzing, diagnosing, and reporting on malware events, files and network intrusion and vulnerability issues
• Can recommend sound counter measures to malware and other malicious type code and applications which exploit customer communication systems
• Experience developing technically detailed reports that translate complex technical information to non-technical audiences
• US citizenship is required

 *Position is contingent upon award