Today’s Cyber targets never stop moving – that’s why we never stand still. From protecting our nation’s critical infrastructure to securing the tactical edge, cybersecurity is embedded in everything we do. Amongst our numerous cyber programs, our JSP DCO program is at the forefront of GDIT’s cyber capabilities protecting one of our nation’s most important networks. JSP is undergoing a transformation as they transition to forward leaning areas of cybersecurity. Be part of that transformation and join our mission!
The Joint Service Provider (JSP) Defense Cyber Operations Internal Defense Measures (DCO IDM) program is searching for a Senior Malware Analyst to work at the Mark Center in Alexandria, VA!
(1) This is a full-time, onsite position. Due to the type of access this role entails, telecommuting is not allowed.
(2) This is a Key Position and requires on-call/recall support.
The Malware Analyst will analyze code for malicious capability and determine impact of code to enterprise assets. The engineer will be responsible for providing written reports on the nature and capabilities of the code and may be required to provide expert witness testimony and/or analysis findings in a court of law. The engineer will be responsible for performing forensic analysis of IT systems to determine impact of inadvertent or purposeful activities affecting the security of systems.
Essential Job Functions:
• Demonstrate expert-level knowledge of network traffic and communications, including known ports and services
• Demonstrate expert knowledge of the Windows operating system, expert knowledge in various Linux distributions and the Unix framework
• Have expert-level knowledge of the following security-related technologies: IPS, IDS, SIEM, firewalls, DNS, encryption, HIDS, NIDS, proxies, network packet analyzers, malware analysis, forensic tools, and enterprise-level appliances
• Demonstrate a deep understanding of various open source and commercial analysis tools used for reverse engineering
• Demonstrate knowledge of and familiarity with the ARM instruction set
• Demonstrate the ability to analyze complex malicious Windows programs in a reasonable time frame
• Demonstrate expert technical ability in reverse engineering custom protocols used by malware
• Demonstrate intermediate proficiency with one of the following programming languages: Python, C, C++, Ruby
• Design and develop new systems, applications, and solutions for external customer's enterprise-wide cyber systems and networks.
• Ensure system security needs are established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning, and provide analytical support for security policy development and analysis.
• Integrate new architectural features into existing infrastructures, design cyber security architectural artifacts, provide architectural analysis of cyber security features and relate existing systems to future needs and trends, embed advanced forensic tools and techniques for attack reconstruction, provide engineering recommendations, and resolve integration and testing issues.
Active Top Secret w/SCI eligibility
BS or equivalent + 14 yrs related experience, OR MS + 12 yrs related experience
Certified Ethical Hacker (CEH) Certification
DoD 8570 IAT Level II Certification (ONE of the following): GSEC, Security+, SSCP, CCNA-Security, CySA+, GICSP
DoD 8570 IASAE/CND/CND-IR Certification (ONE of the following): CEH, GCIH, CSIH, SCYBER, CySA+, GCFA, CFR
8+ years of Incident and Malware analysis experience in the DOD or IC environment
2 years of Malware analysis experience in the DOD or IC environment
Have an understanding of DOD accreditation policies, processes, and practices
Experience with cyber incident response based on formal U.S. government guidance (i.e. CJCSM 6510.01B)
Experience in planning, directing, and managing Computer Incident Response Team (CIRT) operations in an organization similar in size
Must have expert-level knowledge of the X86 Instruction set
Willing to provide on-call/recall support, as needed.
Active TS/SCI clearance
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.