Cyber Forensic Malware Reverse Engineer - Military veterans preferred

2018-10-16
ManTech (www.mantech.com)
Other


  full-time   employee   contract


Herndon
Virginia
United States

Entering ManTech’s 50th year, we hold the distinct honor of being named a “Top 100 Global Technology Company” by Thomson Reuters. We have earned this and many other accolades over the years for our dedication to serving the missions of our nation’s most important customers: U.S. Intelligence, Defense and Federal Civilian agencies. All know us as a trusted partner offering best-in-class solutions in cyber, data collection & analytics, enterprise IT, and systems and software engineering tailored to meet their specific requirements.

Become an integral part of a diverse team in the Mission, Cyber and Intelligence Solutions (MCIS) Group. Currently, ManTech is seeking a motivated, mission-oriented Cyber Security Malware Reverse Engineer in the Herndon, Virginia area, with strong Customer relationships. At ManTech, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

The NIS Division provides mission solutions to a wide range of Defense and Intelligence Community customers. This division consists of a team of technical leaders that deliver advanced technical solutions to government organizations. Our customers have high standards, are technically adept, and use our products daily to support their mission of protecting national security. Our contributions to our customers' success are driving our growth.


Responsibilities include, but are not limited to:
• Use expertise in malware reverse engineering and analysis to evaluate and analyze complex malicious code through the use of static and dynamic malware analysis tools, including disassemblers, debuggers, virtual machines, hex editors, and un-packers.
• Perform research in the area of malicious software, vulnerabilities, and exploitation tactics, and recommend preventative or defensive actions.
• Conduct reverse-engineering for known and suspected malware files. Investigate instances of malicious code to determine attack vector and payload, and to determine the extent of damage and data exfiltration.
• Produce reports detailing attributes and functionality of malware, and indicators that can be used for malware identification/detection, to include behavior, identified infrastructure used for command and control, and mitigation techniques. Analyze the relationship between a given sample of malware and other known samples/families of malware, and notable features that indicate the origin or sophistication of the malware and its authors.
• Develop network- and host-based signatures to identify specific malware. Recommend heuristic or anomaly-based detection methods.
• Provide subject matter expertise in the detection, analysis and mitigation of malware, trends in malware development and capabilities, and proficiency with malware analysis capabilities.
• Support the maintenance of malware analysis platforms and tool sets, identify requirements for new malware analysis capabilities, and contribute to the development of new malware analysis tools and techniques.

Required Experience/Skills:
• Requires Bachelor's degree or equivalent and ten to twelve years of related experience. Minimum of four years of experience in technology/tools specific to the target platforms.
• Demonstrated experience using Commercial (IDA Pro, Hex-Rays, WinDbg, etc.) and Open Source tools like OllyDbg.
• Understanding of behavior-based threat models such as the Cyber Kill Chain.
• Familiarity with Linux OS and mobile iOS/Android forensics.
• Demonstrated experience writing code (C, C++, Python, Perl, Java, PowerShell, Assembly language, etc.).
• Capable and comfortable communicating actionable threat intelligence to both technical and executive-level stakeholders.
• Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques.
• A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats.
• Understanding of software engineering methodologies.
• Ability to analyze shellcode, and packed and obfuscated code, and their associated algorithms.
• Understanding of common attacker methodologies and exploit techniques.
• Capable of Python scripting to automate analysis and reverse engineering tasks.
• Strong understanding of network protocols and networking concepts.
• Strong understanding of Windows Operating System Internals and Windows APIs.
• Strong understanding of the PE file format and experience parsing structured or unstructured data.
• Good interpersonal skills, strong initiative, and problem-solving, organizational, writing, communication, and briefing skills.

Required Tools:
IDA Pro, debuggers, disassemblers, virtual machines, hex editors, un-packers, X-Ways, and open source methods and tools to perform malware investigations.

Nice to have skills:
• Experience using EnCase, X-Ways, FTK, and Open Source methods and tools to perform Malware/Forensic investigations.


