Malware Analyst at Prism, Inc.

Prism, Inc. is looking for a junior to mid-level Malware Analyst to join our team. The position is 100% remote on a long-term contract, but the candidate will need to be onsite in Reston, VA for the first week of onboarding and training.

Technical requirements:

  • Write signatures for endpoint detection/protection platforms (EDR/EPP)
  • Create SIEM content for host-based signature detection
  • Monitor the SIEM for host-based signature detections; tune rules and escalate alerts accordingly
  • Write custom scripts to decode samples and automate the analysis process
  • Produce accurate, high-quality, evidence-based reports and presentations
  • Working understanding of the Lockheed Martin Cyber Kill Chain®
  • Incident Response
  • Intrusion Analysis
  • Forensic Analysis
  • Eligible to obtain/maintain a security clearance at the Secret level

Experience:

  • 4+ years' work experience preferred
  • GIAC Reverse Engineering Malware (GREM) certification, or equivalent
  • Experience with x64dbg, OllyDbg, and IDA Pro
  • Experience with setting up a malware analysis lab (VMs, tools, etc.)
  • Experience working on a reverse engineering team or a security operations center
  • No degree required
  • Malware Reverse Engineering, Disassembly, and Debugging
  • Ability to perform both Behavioral/Dynamic and Static malware analysis
  • Proficiency with open-source malware analysis tools
  • Extensive experience with Windows operating system internals
  • Experience analyzing PE files and comfort working with a variety of sample types, such as Office macros and .NET, Delphi, and C/C++ programs
  • Ability to review and interpret host-based alerting
  • Experience with Endpoint Detection & Response (EDR) products
  • Experience with Endpoint Protection Platform (EPP) products
  • Malware classification/detection with YARA

Preferred education, experience, and skills:

  • Experience with ELF file format and Linux OS internals
  • Experience with analyzing both commodity and nation-state malware
  • Familiarity with common malware families (e.g., PoisonIvy, Gh0st RAT)
  • GREM/GCFE/GCFA (or equivalent)
  • Scripting in Python, Perl, or PowerShell
  • EnCase Certified Examiner (EnCE)
  • Ability to read and interpret packet captures (PCAP)
  • FireEye Endpoint Protection (HX) experience
  • McAfee Access Protection (MCAP) experience

Provided by Dice
