TCW - Malware Analyst II (Texas)
Apply for this position: Send a Microsoft Word copy of your resume to: HR@zavda.com
Clearance: TS/SCI with Polygraph
Zavda was founded in 2006 and is a SDB certified, Service Disabled Veteran owned, and Woman owned small business that offers leading IT management, Intel, and Cyber opportunities in both the private and public sector. Zavda is looking for a Malware Analyst.
The Malware Analyst will support clients in solving difficult problems by providing recommendations based on the results of malicious code analysis. Analyze and evaluate malicious code to create technical reports for indicators of compromise and to recommend mitigation and detection actions. Work to continually improve current malware analysis techniques, and identify new ways to improve malware identification best practices. Conduct research and training on comprehending emerging malicious code threats.
- Conduct both dynamic and static analysis of suspicious code in order to establish malicious capability and determine potential impact.
- Experience with host and network monitoring for analysis of malware execution & propagation methodologies.
- Perform analysis on captured data, such as audit, log, network traffic, et cetera, to identify any intrusion-related artifacts.
- Understanding of operating system-specific exploitation vectors.
- Analyze malicious code by employing tools, scripting languages, and leveraging virtual machines/environments.
- Support 24/7 monitoring of malware threats to NSA networks, hosts, mission platforms, and boundaries.
- Generate documentation of vulnerabilities and exploits used by malware in written reports.
- Communicate written and verbal information in a timely, clear, and concise manner.
- Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Generate technical summary of findings in accordance with established reporting procedures.
- Develop and recommend mitigation strategies.
- Develop signatures, techniques, and rulesto identify malware vectors.
- Collaborate with internal and external organizations to discover new threats, develop mitigation techniques, processes, and tools which further the CSSP mission, as directed by the customer.
- Evaluate emerging threats.
- Correlate data from multiple sources to identify probable threat actors.
Education / Experience:
- Five (5) years of demonstrated experience in cybersecurity
- Three (3) years of demonstrated experience with malware analysis
- Two (2) years of demonstrated experience with tools such as GHIDRA, SYSInternals, FireEye AX, or similar technologies.
- One (1) year of demonstrated experience with development of code in languages such as Python, Lua, C/C++, Ruby or similar
- Requires Global Information Assurances Certification (GIAC) Certified Forensic Analyst (GCFA) certificate or Certified Reverse Engineering Malware (GREM) certificate.
- Requires DoD 8570 compliance with CSSP Analyst baseline certification. (ie- CEH, CFR, CCNA Cyber Ops, CCNS-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+). Any of the listed certs meet this requirement.
- Information Assurance Technical (IAT) Level I or Level II certification. (ie- A+, CCNA-Security, CND, Network+, SSCP, CySA+, GICSP, GSEC, or Security+). Any of the listed certs meet this requirement.
- Computing Environment (CE) certification.
- Requires successful completion of the Splunk software training course "Fundamentals 1".
Equivalent: The CE certification requirements can be fulfilled with either Microsoft OS, Cent OS/Red Hat OS CE certifications.
- 12-hour shifts, on a Panama Shift Cycle (some nights and weekends will be required)
Zavda is a small business and an equal opportunity employer- Veteran/Female/Minorities/Individual with Disabilities. With Zavda you have the opportunity to provide dependable solutions and support that with benefit the national security missions. Zavda prides itself to providing continual professional growth and success for the Zavda Team.