Share this Job
Email similar jobs to meEmail similar jobs to me

Malware Analyst / Engineer Job

Date: Apr 16, 2017

Location: Fort Gordon, GA, US

Company: SAIC

Malware Analyst / Engineer (Job Number:423634)



SAIC is currently seeking a Senior Penetration Tester located in Augusta, GA area. The selected candidate will be working in an isolated laboratory designed to provide training and instructional guidance to local cyber personnel. This position is 80% technical and 20% knowledge based instruction.

This position is heavily geared toward analyzing and reverse-engineering malware. Day to day duties may include the examination of malware specimens, behavioral analysis, static code analysis, dynamic code analysis of malware. Candidates would perform computer, network, cyber, mobile, memory forensics. Candidates will be tasked with bypassing malware defenses and would be expected to perform engineering manually versus relying solely on toolkits.

Position Requirements include:

- Deep understanding of the process, tools, techniques surrounding manual analysis of systems exploitations.
- Examine malware interactions with the file system, registry, network, and other processes
- Must be experienced in reverse engineering malware.
- Hands on technical experience installing, operating, and maintaining systems.
- Must be familiar with systems exploitation without the assistance of toolkits like Core Impact or MSF.
- Utilize disassembler and debugger programs to examine executable malicious code.
- Examination of Malware & Virus Analysis, Signatures, Heuristics, etc.
- Examine capabilities of rootkits through memory forensics.
- Experience in x86 Intel assembly language (instructions, function calls, variables and jumps), Windows API (DLL injection, function hooking, keylogging), and C.

Minimum Basic Requirements:

- 8+ years of experience in Cyber Security profession, specifically seeking Malware Reverse Engineering and in depth manual Penetration Testing.
- Bachelor’s Degree is required.
Desired Experience:

- Operating System Experience: Windows, Linux, UNIX, REMnux, GNU Linux, Kali-Linux
- Tools: OllyDB (OllyDbg, OllyDump, Olly Advanced), IDA Pro, LordPE,
- Scripting: Powershell, VBA, Javascript, Perl
Additional Desired Tools Experience:

Metasploit, Backtrack 5, Kali, Hydra, JTR, Maltego, Nexpose, Armitage, Nmap, ZenMap, Zed Attack Proxy, Open Web Application Security Project (OWASP), SQL Map, Security Onion, hunt, Nmap, Nessus, Fuzzers, Nikto, Superscan, wireshark, POf, Yersinia, Eraser, Burp Suite, N-Stealth, Nipper, RAT, Cain and Abel, Kismet, Netstumbler, Flying Squirrel, hping*, XMPPloit, SQL-injection, SPLUNK, OpenVAS, Snorby, Sguil, Snort, Remnux, UPX, PEiD, OllyDump HideOD, OllyDbg, Olly Advanced, xPELister, CHimpREC, BinText, , IDAPro, API Monitor, Office MalScanner, Molouch, WebAnalysis-Malzilla, Windows SteadyState.

Desired Training & Certifications:

CEH: Certified Ethical Hacker

GAIC Certifications

SANS Institute Certifications and Training:

- FOR408: Windows Forensic Analysis
- FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
- SEC401: Security Essentials Bootcamp Style
- SEC504: Hacker Tools, Techniques, Exploits and Incident Handling
- SEC560: Network Penetration Testing and Ethical Hacking
- SEC542: Web App Penetration Testing and Ethical Hacking
- SEC503: Intrusion Detection In-Depth
- SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking
- SEC505: Securing Windows and PowerShell Automation
- SEC501: Advanced Security Essentials - Enterprise Defender
- SEC566: Implementing and Auditing the Critical Security Controls - In-Depth
- SEC575: Mobile Device Security and Ethical Hacking
- SEC301: Intro to Information Security
- SEC506: Securing Linux/Unix
- SEC642: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques
- SEC511: Continuous Monitoring and Security Operations
- SEC573: Python for Penetration Testers

- T&S*

SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC provides systems engineering and integration offerings for large, complex projects. Headquartered in McLean, Virginia, SAIC has approximately 15,000 employees and annual revenues of about $4.3 billion.

EOE AA M/F/Vet/Disability

Job Posting: Nov 22, 2016, 2:13:54 PM
Primary Location: United States-GA-FORT GORDON
Clearance Level Must Currently Possess: Secret
Clearance Level Must Be Able to Obtain: Top Secret/SCI
Potential for Teleworking: No
Travel: None
Shift: Day Job
Schedule: Full-time

Nearest Major Market: Augusta

Job Segment: Laboratory, Linux, SQL, Database, Unix, Science, Technology