SANS ISC: InfoSec Jobs

This listing has expired and therefore is not publicly viewable.

Senior Technical Analyst, Cyber Espionage (Remote)
Company: FireEye
Location: Reston, Virginia
Preferred GIAC Certifications: GDAT
Travel: 10%
Salary: Not provided
Contact Name: Anonymous
Contact Email: andy.omeara/at/
Expires: 2019-12-29

Job Description
FireEye Intelligence’s Cyber Espionage team identifies, tracks and reports on government-sponsored cyber espionage (APT) activity that takes place all around the world. This work supports corporate and government intelligence clients and other divisions of FireEye.

The Senior Technical Analyst will play an important role on our team, leading investigation and analysis of nation-state threats. The position will conduct in-depth technical analysis of malicious software (malware), campaigns, and the Tactics, Techniques and Procedures (TTPs) of nation-state sponsored actors. A particular emphasis will be on developing novel techniques for tracking advanced actors.

The role will work effectively and efficiently alongside the technical and threat analysts on the Cyber Espionage Team to produce timely, thorough and actionable reporting. An analyst able to work from our Reston, Virginia office is preferred, but we are open to remote work for an experienced candidate.


Discovery, categorization, and attribution of nation-state malware and infrastructure, including in-depth malware analysis
Creation of signatures to support the collection and detection of malicious activity
Development of tools to support proactive hunting across public and proprietary data sets
Contributing to reporting on these discoveries to inform FireEye Threat Intelligence customers about the above malicious activities.

Malware Analysis
Dynamic and static analysis of x86 Windows portable executable binaries
Experience with x86 assembly language
Experience with JavaScript, Perl, PowerShell, Python, Ruby, PHP, VBScript and others
Decoding and decrypting of file data and network traffic
Campaign Tracking
Experience creating file signatures leveraging malware detection platforms such as YARA
Experience tracking adversaries via network infrastructure
Experience correlating and attributing malicious activity
Experience with finished threat intelligence
Effective written and oral communication skills

Preferred Qualifications

Experience with the dynamic and static analysis of multiple operating systems and file formats.
Experience disassembling multiple architectures
Experience with the creation of file, host, and network signatures leveraging multiple malware and network detection platforms
Experience developing decoders, decryptors, parsers, and other related tools based on malware, network traffic, and campaign analysis
Experience developing tools to uncover targeted activity leveraging large data sets
Experience producing finished intelligence products for multiple audiences
GCIA, GCED, and GDAT certifications are highly desired