Digital Forensics and Malware Analyst
Vectrus
- Kuwait
- Permanent
- Full-time
Responsibilities
- Examine malicious software using reverse engineering techniques to identify the nature of threats and perform analysis to understand adversarial capabilities and tactics.
- Develop procedures and scripts to identify, collect, transfer and preserve evidence of unauthorized access to military and partner networks.
- Obtain forensic images of servers, workstations, laptops, flash devices, removable media, cell phones, RAID, and virtual systems.
- Analyze computer network intrusion events and malicious activity.
- Draft forensic and malware reports, briefings, and white papers.
- Analyze trends and statistics to provide proactive indications and warnings of malicious cyber activity and correlate attacks, exploits, and threat vectors.
- Develop mitigation techniques to deny further exploitation and provide recommendations for appropriate response and corrective actions to defend against threat activity.
- The work environment will be 95% indoors and 5% outdoors.
- Perform other duties as assigned.
- Qualifications:
- Education / Certifications: One year of related experience may be substituted for one year of education, if degree is required.
- Bachelor’s Degree or equivalent experience preferably in Computer Science or MIS, IS, Engineering or related field.
- This position requires candidates to adhere to DoD 8570.01. All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. Baseline certifications cannot also be used as a Computing Environment (CE) certification. The authorized certifications for this job title are listed as follows:
- IAT Level: CSSP Analyst
- BASELINE:
- Cisco: CCNA Cyber Ops
- Cisco: CCNA Security
- Cisco: SCYBER: Cybersecurity Specialty Certification
- CompTIA: Cloud+ CE
- CompTIA: PenTest+
- CyberSec First Responder: CFR 210
- CyberSec First Responder: CFR 310
- EC-Council CEH: Certified Ethical Hacker
- GIAC: GCIA: Certified Intrusion Analyst
- GIAC: GCIH: Certified Incident Handler
- GIAC: GISCP: Industrial Cyber Security Professional
- COMPUTING ENVIRONMENT (CE):
- Cisco: CCNP: Certified Network Professional (Any)
- EnCASE: EnCE: Certified Examiner
- FTK: Forensics Tool Kit
- GIAC: GCFA: Certified Forensic Analyst (Preferred)
- GIAC: GCIA: Certified Intrusion Analyst
- GIAC: GCIH: Certified Incident Handler
- GIAC: GCWN: Certified Windows Security Administrator
- GIAC: GDAT: Defending Advanced Threats
- GIAC: GREM: Reverse Engineering Malware
- GIAC: GSEC: Security Essentials
- Microsoft: 365 Certified: Enterprise Administrator Expert
- Microsoft: Certified: Azure Security Engineer Associate
- Microsoft: Certified: Azure Solutions Architect Expert
- Microsoft: MCSE: Core Infrastructure
- Microsoft: MCSE: Database Management and Analytics
- Microsoft: MCSE: Productivity Solutions Expert
- Offensive Security: Certified Expert
- Offensive Security: Certified Professional
- Experience: One year of related academic study above the high school level may be substituted for one year of experience up to a maximum of a 4-year bachelor's degree in a Software Engineering or Business Information Systems discipline for three years general experience.
- At least five (5) years of practical experience working with various data (network and system) technologies, with a minimum of two of those years focused on information systems security, forensic and malware analysis.
- Exceptional knowledge and experience with commercial binary analysis tools including but not limited to: IDA PRO disassembler, Ollydbg.
- Experience with computer languages including but not limited to Assembly, C, C++, Perl, Java, Python, etc.
- Experience with a customer service-oriented company