Skip to main content

Sr. Malware Analyst

Apply Now
Businesses Raytheon Intelligence & Space Clearance type TS/SCI Relocation eligible No Job ID 165705BR Date posted 01/12/2021 City Rosslyn State VA Country United States

RIS has an immediate job opening for a cleared Cyber Malware Analyst to support a U.S. Federal Agency contract to enable mission accomplishment by having experience understanding and analyzing cyber tools and malware samples in support of regular investigations, creating cyber intelligence products. The analyst will utilize instruments, sources, methods and data to provide context about the evolving threat landscape. Ability to interpret and analyze large, ambiguous data sets and experience in writing analysis reports.

Work Location: Rosslyn, VA

Job Description: Resolves highly complex malware and intrusion issues using computer host analysis, forensics, and reverse engineering. Discovers, analyzes, diagnoses, and reports on malware events, files and network intrusion and vulnerability issues. Recommends counter measures to malware and other malicious type code and applications that exploit customer communication systems. conducts reverse engineering for known and suspected malware files. Develops analysis and make recommendations for the purchase of hardware and or software that will mitigate malware intrusions. Develops policies and procedures to investigate malware incidents for the entire computer network. Assists in the development and delivery of malware security awareness products and briefings.

Job Responsibilities:

Shall perform specific activities that include, but not limited to the following:

• Provide analysis support 24x7x365

• Render technical assistance for criminal investigations and non-security related operational events as needed • Contribute input to the Cyber Security Daily (CSD)

• Conduct advance analysis and recommend remediation steps for cyber security events and incidents Required Skills:

• Experience with malware analysis and reverse engineering, network analysis tools, static and dynamic analysis tools

• Ability to automate analysis tasks, develop scripts to decode obfuscated data and network communications, analyze obfuscated code

• Understanding of software exploits, identifying host- and network-based indicators, using leading forensic tools such as but not limited to Access Data FTK, Guidance EnCase, Paraben P2 eXplorer, X-Ways Forensics, FireEye, Volatility, CloudStrike

• Knowledge with using mobility and open source forensic tools like Magnet Axiom, BlackBag Mobilyze, Cellebrite UFED, Paraben E3:DS, The Sleuth Kit (TSK) and Autopsy, BlackBag tools

• Proficient with malware analysis, sandboxing, and software reverse engineering

• Experience with scripting languages such as Python and PowerShell

• Knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community

• Knowledge of and practical experience of integration of COTS or open source tools

• Personality traits: Naturally curious and inquisitive nature; perseverant and hardworking; loves solving problems and puzzles; critically rigorous; uncompromising integrity

• Demonstrated ability to document processes

• Proficiency with MS Office Applications

• Able to work collaboratively across teams and physical locations

• Willing to work rotating shifts

Required Certifications:

Possess at least one relevant professional designation or related advanced IT certification, but not limited to the following:

• Certified Information Systems Security Professional (CISSP)

• GIAC Reverse Engineering Malware (GREM)

• GIAC Certified Incident Handler (GCIH)

• GIAC Network Forensic Analyst (GNFA)

• GIAC Intrusion Analyst (GCIA)

Desired Skills:

• Experience with RSA Netwitness, Splunk, FireEye NX, EX, HX, AX, Carbon Black Response, RSA Archer

• Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)

• Experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:

• Experience in computer intrusion analysis and incident response

• Working knowledge of Intrusion detection/protection systems

• Knowledge and understanding of network devices, multiple operating systems, and secure architectures

• Working knowledge of network protocols and common services

• System log analysis

• Experience with SIEMS content analysis, development and testing, tools such as NetWitness, Splunk, SumoLogic, QRadar

• Experience with EDR solutions (Carbon Black, Crowdstrike, FireEye, SentinelOne)

• Familiarity with packet analysis to include: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status Codes

• Excellent written and verbal communication skills

• Prior experience working in any of the following: Security Operations Center (SOC); Network Operations Center (NOC); Computer Incident Response Team (CIRT)

Desired Certifications:

Possess at least one relevant professional designation or related advanced IT certification, but not limited to the following:

• GIAC Certified Enterprise Defender (GCED)

• GIAC Security Expert (GSE)

• Certified Information Security Manager (CISM)

• Certified Ethical Hacker (CEH)

Required Education:

BS Degree with major in Computer Science/Electrical Engineering, Engineering, Science or a related field.

Must have a minimum of 9+ years’ experience or equivalent education and experience.

* Must have an active TS with the ability to obtain a TS/SCI clearance

* Occasional travel within CONUS and OCONUS is required


Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Apply Now

Your Saved Jobs

You have not saved any jobs.

Recently Viewed Jobs

You have no recently viewed jobs.

Sign Up for Job Alerts

Get the latest career opportunities as soon as they become available.

Interested InSearch for a category and select one from the list of suggestions. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

  • Computer Engineering, Rosslyn, Virginia, United StatesRemove
  • Computer Science, Rosslyn, Virginia, United StatesRemove
  • Cyber, Rosslyn, Virginia, United StatesRemove
  • Security, Rosslyn, Virginia, United StatesRemove
  • Engineering, Rosslyn, Virginia, United StatesRemove
  • All, Rosslyn, Virginia, United StatesRemove
  • SAS Information Security Analyst, Rosslyn, Virginia, United StatesRemove