SANS ISC: InfoSec Jobs

This listing has expired and therefore is not publicly viewable.

Senior Malware Analyst - Incident Response
Company: Federal Reserve
Location: United States - Various
Preferred GIAC Certifications: GREM
Travel: 10%
Salary: Not provided
URL: https://frb.taleo.net/careersection/2/jobdetail.ftl?lang=en&job=268107
Contact Name: Andrew Skatoff
Contact Email: andrew.skatoff/at/frit.frb.org
Expires: 2021-08-04

Job Description

The Federal Reserve National Incident Response Team (NIRT) has an immediate opening for a motivated cyber security professional to join its Malware Analysis team as a Senior Malware Analyst. The role sits on the Cyber Investigations team, which detects, analyzes, and investigates malicious software and threats for NIRT's customers across the United States. The NIRT Malware Analysis service exists to support incident response and containment efforts and to generate tactical threat intelligence for use in ongoing security monitoring.

What You Will Do:
Plan and build capabilities to establish and mature the malware analysis service and processes.
Support incident response efforts with malware analysis to aid in containment and eradication of detected attacks.
Create tactical threat intelligence through advanced analysis of malicious code.
Evaluate and analyze complex malicious code through static and dynamic malware analysis tools, including disassemblers, debuggers, virtual machines, hex editors, and un-packers.
Support the maintenance of malware analysis platforms and toolsets; identify requirements for new malware analysis capabilities; and contribute to the development of new malware analysis tools and techniques.
Produce reports detailing attributes and functionality of malware, including indicators that can be used for malware identification/detection; the relationship between a given sample of malware and other known samples/families of malware; and notable features that indicate the origin or sophistication of the malware and its authors.
Analyze a large volume of security event data from multiple sources to identify suspicious and malicious activity.
Perform postmortem analysis of traffic flows.
Conduct follow-up analysis throughout the incident life cycle.
Lead projects and tasks associated with malware detection, analysis, and response.
Provide operational support to augment SOC duties as needed. This includes periodic 24/7 on-call support and surge capacity during emergencies.

Qualifications
Bachelor’s degree in Computer Science or a related discipline.
5+ years of experience with security of multiple platforms, operating systems, software, communications, and network protocols; or an equivalent combination of education and work experience.
Experience in malware analysis (Windows executables, exploits, scripts), both static (e.g. IDA Pro, Ghidra) and dynamic/behavioral (e.g. OllyDbg).
Software development experience: Python, REST APIs, SQL, regular expressions. C/C++ would be a plus.
Skill in detecting and bypassing anti-analysis features in advanced malware.
Skill in identifying obfuscation techniques.
Strong knowledge of current security threats, techniques, and landscape; dedicated and self-driven desire to research current information security landscape.
Strong conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services including networking protocols; firewall functionality; host and network intrusion detection systems, operating systems, databases, encryption, load balancing, and other technologies.
Strong security platform and technology capabilities; SIEM utilization skills with the ability to review and analyze security events from multiple monitoring and logging sources to identify and/or confirm suspicious activity.
Ability to analyze large data sets and unstructured data to identify trends and anomalies indicative of malicious activity, and capability to learn and develop new techniques.
Malware analysis certification (e.g. GREM).
Flexibility and proven ability to learn new things/skills fast. Relentless curiosity, analysis, critical thinking, and problem-solving skills.
Excellent reading and writing skills.
Experience developing advanced technological ideas and guiding their development into a final product.
Ability to obtain and maintain a National Security Clearance. Ability to obtain a clearance requires US Citizenship.