This contingent position is being considered and hired for at all non-management levels (G08-G10), based upon the selected candidate’s applicable experience.
Raytheon is seeking a Malware Analyst to lead the development and operation of a forensics and malware analysis functional capability in support of ongoing investigative and incident response activities. The successful candidate will have a proven record of identifying and tracking cyber threats, and a technical understanding of the tools, techniques, and procedures used by threat actors. The candidate will dissect exploits, attacker tools and implants in support of incident responders, and will also help develop innovative tools to assist responders and automate malware analysis and reverse engineering efforts.
The Malware Analyst is expected to work with minimal guidance against a broad set of objects to handle a variety of complex assignments and situations. Within established priorities and deadlines, the successful candidate will exercise independent judgment in selecting and applying appropriate methods, procedures, techniques, and practices.
This position will be located near Raleigh, in Morrisville, North Carolina.
Responsibilities will include:
- Reverse engineer malware in support of incident response and threat intelligence requirements
- Research and develop methods of tracking and detecting malicious activity within an enterprise network
- Use various tools and techniques to analyze malicious document files, executables and web-based malware
- Conducts analysis of cybercriminal entities' use of technology to target, collect, and exploit customer information and information systems, personnel, and operations, and participates in security education programs and briefings
- Performs open source research to enable and facilitate the identification of cybercriminal activity
- Utilizes understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
- Delivers reports, briefings, and assessments to customers and leadership, facilitating understanding of cyber threat entities and environments
- Prepares and presents briefings as subject matter expert as required
- Develops and maintains relationships with U.S. Government agencies and personnel involved in cybercriminal analysis and investigations to discuss mutual problems and requirements.
- The position requires U.S. Person status, or a Non-U.S. Person must be eligible to obtain Authorization.
- Strong understanding of malware analysis and incident response framework
- Able to conduct code and behavioral analysis of malware, including building a lab environment, and capable of using tools including but not limited to debuggers, disassemblers, sniffers, and other analysis toolsets
- Proficiency with network traffic analysis
- Experience with using memory forensics techniques to analyze malware threats
- Experience identifying, analyzing, and interpreting trends or patterns in data sets
- Knowledge of packers and obfuscation techniques as well as experience defeating anti-analysis techniques
- Familiarity with the use of forensics images and memory dumps in support of incident response
- Ability to recognize and handle sensitive data appropriately
- Strong leadership skills with the ability to prioritize and execute in a methodical and disciplined manner
- Demonstrated ability to manage customer relationships
- Possess a strong working knowledge of all Microsoft applications (i.e., Word, Excel, PowerPoint, and Access)
- Able to communicate effectively orally and in writing to include investigative reports
- Must be on call after work hours for any incident response emergency
- 4+ years related experience for G08
- 6+ years related experience for G09
- 8+ years related experience for G10
Required Education: Bachelor’s Degree in related field and 4+ years of applicable work experience
Desired Certifications: Currently holds any one of the following certifications:
- Understanding of cyber security development projects and programs for U.S. Government and/or commercial clients
- Involvement with process development and deployment
- Knowledge in information technologies to include computer hardware and software, operating systems, and networking protocols
- Experience performing network traffic analysis
- Experience using Splunk and/or ELK Stack for analysis
- Experience with using scripting languages to include but not limited to PowerShell and BASH
- SANS -- GIAC Certified Forensic Analyst (GCFA)
- SANS -- GIAC Reverse Engineering Malware (GREM)
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.