Media, Malware, and Analysis Analyst Job



  Full Time   Employee

Fort Meade
United States

Media, Malware, and Analysis Analyst (Job Number:417394)


SAIC currently has a contingency position for a Media, Malware and Analysis Analyst to support the United States Cyber Command (USCYBERCOM) at Fort Meade, Maryland.

Media, Malware and Analysis (MMA) is the forensic analysis of media and software reverse engineering. The analysis consists of reviewing the contents of a compromised system, documenting unusual files and data, and identifying the TTPs used by an adversary to gain unauthorized access to DODIN assets. This includes detailed technical work on media analysis and exploitation of data from compromised systems in support of ongoing analysis.

This task requires knowledge of computer network theory, ability to understand communication methods and malicious properties, and TTPs of advanced persistent threats. Additionally, this task requires technical knowledge of malware analysis, incident handling, ethical hacking, and drafting and implementing security incident response policies.

Daily activities include:
• Analyze malware discovered in DoD intrusions; perform dynamic and static analysis and reverse engineering of intrusion artifacts
• Develop and release government approved analysis findings in technical analysis reports
• Identify unique indicators, TTPs, patterns, or heuristics from malware artifacts for the development of detection and mitigation strategies
• Collaborate with anti-virus vendors for malware submissions to aid vendor anti-virus updates
• Extract malicious files from digital media and sources
• Identify, analyze, and document adversarial activities to gain unauthorized access to DoD systems
• Analyze to determine sophistication, priority, and threat of identified malware
• Examine media and malware analysis reports and operational reporting from DoD incidents to correlate similar events, tradecraft, and TTPs of malicious activity
• Develop metrics and trending/analysis reports of malicious activity used to compromise the DODIN
• Develop, document, and convey operational requirements for the development, procurement, or implementation of media, malware analysis capabilities such as the Joint Malware Catalog (JMC), Joint Indicator Database (JID), Joint Incident Management System (JIMS), and Unified Cyber Analytics Portal (UCAP)
• Develop and conduct update briefs, presentations, and papers to USCYBERCOM leadership to ensure situational awareness and status are conveyed related to the assigned project areas
• Conduct log and system analysis for various system and network capabilities to include routers, Windows, and UNIX
• Update DoD shared situational awareness mechanisms to include USCYBERCOM websites, Wikipedia style solutions, and collaboration/chat mechanisms
• Identify new exploits and security vulnerabilities, analyze behavior of malicious code, research open source data, document host/network signatures, and develop mitigation and remediation strategies
• Provide MD5 Hash updates. Validate, update, post and maintain MD5 Hash list for signature repository
• Conducts analysis on the lifecycle of adversary anatomy of attack and exploitation and the associated tools, malware, and encryption mechanisms utilized
• Identify patterns in reported compromises and identify additional compromises as part of the same incident.


- Minimum five (5) years of experience with cybersecurity or information assurance.
- Creation and dissemination of orders and directives to provide guidance to the DoD community.
- Strong Attention to detail and organizational skills
- Excellent communications skills


- Staff experience researching and writing white papers, compliance reports and assessment reports in support of activities for defining policy.
- Ability to develop briefing materials, administrative, and logistics support.
- Excellent writing skills and ability to communicate effectively, including public speaking, and briefing senior officers.
- Proficiency in the use of Microsoft Office Suite.
- Vulnerability Management
- Nessus Vulnerability Scanner
- DIACAP Experience
- Microsoft Server or Red Hat Linux Enterprise Server


- Bachelor’s Degree or higher from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline
- Master’s Degree may be substituted for two (2) years of relevant experience
- DoD 8570 Level I Information Assurance Certification is required

TRAVEL AND SECURITY: CONUS/OCONUS; TS/SCI with Polygraph SAIC Overview:SAIC is a leading provider of technical, engineering and enterprise information technology services to the U.S. government. Our 13,000 employees deliver systems engineering and information technology offerings for large, complex government programs, as well as a broad range of higher-end, differentiated technology services. The company is headquartered in McLean, Va. For more information, visit

EOE AA M/F/Vet/Disability

Job Posting: Aug 24, 2016, 7:42:09 AM
Primary Location: United States-MD-FORT MEADE
Clearance Level Must Currently Possess: Top Secret/SCI with Polygraph
Clearance Level Must Be Able to Obtain: None
Potential for Teleworking: No
Travel: None
Shift: Day Job
Schedule: Full-time

To apply for this job, contact:
Jane Ormerod

Save This Job

Email This Job to a Friend