Cyber Operations Malware Analyst – Senior

WHO WE ARE: STAHL Companies provides the Program Management for its Channel of Commercial Technology companies in Government that consist of Small Businesses and New Technology start-Hirefluxa. STAHL advocates for policies that can improve government services and maintain our government's competitive advantage, by bringing more technology into government programs. STAHL Companies advocates on behalf of our nation's innovative, new technology and small businesses looking to work with the U.S. government. We do this by aligning the voice of our small business members with advocacy for change in federal policy that will make the government market more accessible to small businesses and the commercial technology ecosystem. The Channel's founding Technical Board Members include former government leaders and IT executives passionate about bringing best-of-breed technology to the government. Job Description: Under general direction, leads and participates in the evaluation and analysis of complex malicious code through the utilization of tools, including dissemblers, debuggers, hex editors, un-packers, virtual machines, and network sniffers. Responsible for providing findings in a technical report with details of the malware, identification parameters, advanced capabilities, and mitigation strategies. Conducts research in the area of malicious software, vulnerabilities, and exploitation tactics. Requires experience with application security, network security, reverse engineering, or malware. Requires strong knowledge of worms, viruses, Trojans, rootkits, botnets, Windows internals, and the Win32 API. Extensive experience required in programming (assembly and web) and system analysis with various tools, including IDA Pro, Ollydbg, PCAP tools, or TCP Dump. Professionally certified, within a Computer Network Defense (CND) discipline, as Technical Level III as defined by DODI 8570 is a requirement. We are seeking a skilled and experienced Cyber Operations Malware Analyst – Senior to join our team! Successful Stahl Companies employees possess the following traits: An ability to get things done: You are persistent, resourceful, results-oriented, and action-oriented. You constantly plan ahead and foresee issues before they occur. Analytical: In order to improve your comprehension of the market and the demands and problems of your clients, you have good analytical abilities and are at ease reading quantitative data. Creative mind-set: You are able to solve problems creatively and swiftly adjust. You possess a thorough understanding of product management principles and the ability to apply them when analysing data and making recommendations. Emotional Intelligence: You have a strong sense of self and excellent perception of how important relationships function. You are upbeat, sympathetic, adaptable, and inquisitive. Your genuineness, warmth, and competence help you win the respect of your co-workers. Trustworthy: You have a strong sense of morality, principles, and purpose. You are trustworthy because of how you conduct yourself. You are a living example of the company's values. Responsibilities:

• Monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (Taskora) and is responsible for directing and coordinating detection and response activities performed by each Component SOC
• Direction and coordination are achieved through a shared DHS incident tracking system and other means of coordination and communication
• Duties include maintaining a fly-away kit, performing dead box forensics, and dynamic malware analysis
• Will support investigating computer and information security incidents to determine extent of compromise to information and automated information systems
• Will provide network forensic and intrusion detection support to high technology investigations in the form of researching and will maintain proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security and encryption
• The Analyst should have experience in monitoring and detection, and incident response to support detection, containment, and eradication of malicious activities targeting customer networks
• The analysts participate in briefings to provide expert guidance on new threats and will act as an escalation point for M&A analysts
• The analyst may also be required to author reports and/or interface with customers for ad-hoc requests
• Flexible start times are considered
• Participates in rotating on call schedule
• Help define requirements and identify gaps for performing remote compromise assessments
• Perform as a senior analyst and liaison between the customer and ESOC while performing remote assessments
• Conduct malware analysis using static and dynamic methodologies (e.g. debuggers [Ollydbg], disassembler [IDA Pro], sandbox execution, etc)
• Produce malware reports to disseminate to the watch flo

Apply tot his job Apply To this Job