Preferred GIAC Certifications: GDAT
FireEye Intelligence’s Cyber Espionage team identifies, tracks and reports on government-sponsored cyber espionage (APT) activity that takes place all around the world. This work supports corporate and government intelligence clients and other divisions of FireEye.
The Senior Technical Analyst will play an important role on our team, leading investigation and analysis of nation-state threats. The position will conduct in-depth technical analysis of malicious software (malware), campaigns, and the Tactics, Techniques and Procedures (TTPs) of nation-state sponsored actors. A particular emphasis will be on developing novel techniques for tracking advanced actors.
The role will work effectively and efficiently alongside the technical and threat analysts on the Cyber Espionage Team to produce timely, thorough and actionable reporting. An analyst able to work from our Reston, Virginia office is preferred, but we are open to remote work for an experienced candidate.
Discovery, categorization, and attribution of nation-state malware and infrastructure, including in-depth malware analysis
Creation of signatures to support the collection and detection of malicious activity
Development of tools to support proactive hunting across public and proprietary data sets
Contributing to reporting on these discoveries to inform FireEye Threat Intelligence customers about the above malicious activities.
Dynamic and static analysis of x86 Windows portable executable binaries
Experience with x86 assembly language
Decoding and decrypting of file data and network traffic
Experience creating file signatures leveraging malware detection platforms such as Yara
Experience tracking adversaries via network infrastructure
Experience correlating and attributing malicious activity
Experience with finished threat intelligence
Effective written and oral communication skills
Experience with the dynamic and static analysis of multiple operating systems and file formats.
Experience disassembling multiple architectures
Experience with the creation of file, host, and network signatures leveraging multiple malware and network detection platforms
Experience developing decoders, decryptors, parsers, and other related tools based on malware, network traffic, and campaign analysis
Experience developing tools to uncover targeted activity leveraging large data sets
Experience producing finished intelligence products for multiple audiences
GCIA, GCED, and GDAT certifications are highly desired