BAE Systems, Inc. is searching for a Senior Malware Cyber Analyst to perform triage analysis of malware samples, provide malware family identification, and write and tune Yara signatures to identify and discover malware.

The analyst will monitor for new malware samples using subscription services and support Security Operations by providing timely reports of relevant malware indicators for intrusion detection, and will support forensic operations/endeavors.

Technical requirements:
Write signatures for endpoint detection/protection platforms (EDR/EPP).
Create content in SIEM for host-based signature detection.
Monitor SIEM tool for host-based signature detection; tune and escalate accordingly.
Write custom scripts to deobfuscate, decode and automate the analysis process.
Produce accurate, high-quality, evidence-based reports and presentations.
Working understanding of the Lockheed Martin Cyber Kill Chain®.
Incident Response.
Intrusion Analysis.
Forensic Analysis.
Eligible to obtain/maintain a security clearance at the Secret level.

Typical Education and Experience:
4+ years work experience preferred.
GIAC Reverse Engineering Malware [GREM] (or equivalent).
Experience with x64dbg, Ollydbg, IDA Pro.
Experience with setting up a malware analysis lab (VMs, tools, etc.).
Experience working on a reverse engineering team or a security operations center.
No degree required.

Required Education, Experience, & Skills:
Malware Reverse Engineering, Disassembly, and Debugging.
Ability to perform both Behavioral/Dynamic and Static malware analysis.
Proficiency with open-source malware analysis tools.
Extensive experience with Windows operating system internals.
Experience analyzing PE files and comfortable working with various file types such as macros, .NET, Delphi, and C/C++-based programs.
Ability to review and interpret host-based alerting.
Experience with Endpoint Detection & Response (EDR) products.
Experience with Endpoint Protection Platform (EPP) products.
Malware classification/detection with Yara.

Preferred Education, Experience, & Skills:
Experience with ELF file format and Linux OS internals.
Experience with analyzing both commodity and nation-state malware.
Familiar with malware families (e.g. PoisonIvy, Gh0st RAT).
GREM/GCFE/GCFA (or equivalent).
Python/Perl/PowerShell Scripting.
EnCE.
Ability to read and interpret PCAP.
FireEye Endpoint Protection (HX) experience.
McAfee Access Protection (MCAP) experience.
CREA.

About BAE Systems, Inc.
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems.
Working here means using your passion and ingenuity where it counts: defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.
At BAE Systems, we celebrate the array of skills, experiences, and perspectives our employees bring to the table. For us, differences are a source of strength. We're laser-focused on high performance, and we work hard every day to nurture an inclusive culture where all employees can innovate and thrive.
Here, you will not only build your career, but you will also enjoy work-life balance, uncover new experiences, and collaborate with passionate colleagues.