Clearance Required: TS/SCI with CI Polygraph
An Expert-Level Malware Reverse Engineer will analyze, reverse, and repurpose software designed to cause damage to computer equipment and network devices. They will assist analysts with the dissection and understanding of malware samples collected and stored within a malware repository. Leveraging industry-leading software, hardware, and frameworks, the Engineer will learn to understand the effects caused by a given sample, its tactics, techniques, and procedures (TTPs), and the associated threat actor(s). They will document all findings and enrich malware details within the malware repository. Repurposing of malware will allow specific samples to leverage their TTPs for other uses or to neuter certain effects. The Engineer will capture and perform initial analysis on captured data, including volatile data, log data, and network traffic (PCAP), to identify any and all immediate intrusion-related artifacts. These findings will in turn allow immediate defensive countermeasures to be implemented. The Engineer will develop the necessary procedures and/or scripts to assist. The Engineer will serve as the subject matter expert (SME) on malware detection, analysis, and mitigation, will use both static and dynamic tools/techniques to analyze, identify TTPs, reverse-engineer, and repurpose malware, and will provide instruction and guidance to junior personnel.
- A Master of Science degree in computer science, computer engineering, or information systems or related STEM discipline with twelve (12) years of demonstrated experience. In lieu of a degree, sixteen (16) years of demonstrated experience is required.
- Ability to develop code that takes advantage of a weakness in an operating system, application, or any other software code, including application plug-ins. Expert knowledge of disassembly tools and the ability to develop functional exploits; create custom shellcode; develop code that can bypass typical security measures; experience with ring 0 programming.
- Demonstrated experience and/or training in using both static and dynamic tools/techniques to analyze and reverse-engineer malware, including: Binary Ninja, Immunity Debugger, OllyDbg, WinDbg, IDA Pro, and/or Ghidra.
Job Category: Cybersecurity, Software Developer/Engineer, Systems Engineer