Job Description

Internetwork Consulting Services (ICS) is seeking Mid-level Cyber Malware Analysts - 1st Shift to become part of the Department of State (DOS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective, and secure business processes.


This role supports the Cyber Incident Response Team (CIRT).

Location:

Beltsville, Maryland


First Shift - 6:00 am - 2:00 pm

Program Overview

The DSCM program encompasses cyber security, data analytics, engineering, technical, managerial, operational, logistical and administrative support to aid and advise DOS Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats. Those supporting the DSCM program strive to leverage their expert knowledge and propose creative solutions to real-world cybersecurity challenges.

About the Role

Provide malware analysis support in a 24x7x365 environment. Conduct advanced analysis and recommend remediation steps for cyber security events and incidents. Respond to and assist with the resolution of any suspected or successful cyber security breach or violation. Share knowledge and intelligence gained from cyber security events with stakeholders. Protect against and prevent potential cyber security threats and vulnerabilities. Implement and use cyber security frameworks (e.g. MITRE-ATT&CK , Kill Chain, etc.). Activities include the following: + Advanced code analysis (e.g. reverse engineering of malicious code)
+ Advanced traffic analysis (at the packet level) and reconstruction of network traffic to discover anomalies, trends, and patterns
+ Forensic analysis of suspected systems (e.g. SSD/HDD devices, on and off premise network devices, and storage media) impacted by malicious activity.
+ Provide advanced forensic analysis of digital storage devices (e.g. GFE) with abnormalities
+ Provide comprehensive findings and recommended remediation steps

Qualifications:

Bachelor's degree and at least 2 years of experience or a High School diploma and 6 years of related work experience. U.S. Citizenship. Active Secret clearance. Must possess one of the following certifications: + CCNA-Security
+ CND
+ CySA+
+ GICSP
+ GSEC
+ Security+ CE

SSCP
+
Ability to resolve highly complex malware and intrusion issues using computer host analysis, forensics, and reverse engineering. Ability to recommend sound counter measures to malware and other malicious type code and applications which exploit customer communication systems. Knowledge in development of policies and procedures to investigate malware incidents for an entire computer network. Expertise in discovering, analyzing, diagnosing, and reporting on malware events, files and network intrusion and vulnerability issues. Incident Response experience utilizing Splunk and/or Tanium/HX Demonstrate an intermediate proficiency in debugging and disassembling x86/x64 PE files. Working knowledge of Python/Powershell/Bash/JS * Experience with sandboxing/virtual environments