This job was posted by https://www.azjobconnection.gov : For more
information, please see: https://www.azjobconnection.gov/jobs/6668277
Job Description
Computer World Services, Corporation (CWS) is seeking an exceptional
candidate to serve as Forensic/Malware Analyst-Senior for the
US Army Regional Cyber Center - Continental United States (RCC-CONUS)
program responsible for performing non-personal Information Technology
(IT) Services and support requirements. RCC-CONUS is responsible to
operate, manage, and defend the Army's NIPRNet and Secure Internet
Protocol Router Network (SIPRNet) CONUS portion of the GIG, and the
NIPRNet and SIPRNet DoDIN-A. The RCC-CONUS functions as part of a larger
joint environment, responding to the Theater Combatant Commanders, the
ARCYBER, and the Army Cyber Command's Army Cyberspace Operations and
Integration Center (ACOIC), which operates the GIG in support of
Department of Defense (DoD) operations around the world. Services
include Network and System Modernization, Cyber Defensive Operations,
Defensive Cyber Assessments, Defensive Cyber Infrastructure Support,
Threat & Data Analytics, DoDIN Operation Support, Network Management,
Systems Management, IT Lifecycle Management, IT Service Management
(ITSM), Portfolio/IT Investment Management, and Theater Operations and
Service Desk support.
The candidate will lead and participate in the evaluation and analysis
of complex malicious code through the utilization of tools, including
disassemblers, debuggers, hex editors, un-packers, virtual machines, and
network sniffers. Responsible for providing findings in a technical
report with details of the malware, identification parameters, advanced
capabilities, and mitigation strategies.
Key Tasks and Responsibilities
- Responsible for providing findings in a technical report with
details of the malware, identification parameters, advanced
capabilities, and mitigation strategies.
- Conducts research in the area of malicious software,
vulnerabilities, and exploitation tactics. Requires experience with
application security, network security, reverse engineering, or
malware.
- Requires strong knowledge of worms, viruses, Trojans, rootkits,
botnets, Windows internals, and the Win32 API.
- Extensive experience required in programming (assembly and web) and
system analysis with various tools, including IDA Pro, OllyDbg, PCAP
tools, or tcpdump. Professionally certified, within a CND
discipline, as Technical Level III as defined by DODI 8570 is a
requirement.
- Responsible for providing Network Infrastructure Security, Network
Assistance Visits (NAVs), Network, System and Web
Assessments, Network Security Monitoring, Detection, and Analysis,
Forensic and Malware Analysis, and CND, which includes systems
support for both NIPRNet and SIPRNet during core hours.
- Responsible for maintaining a Continuity of Operations (COOP) plan
for DCO systems and services.
- Provide Tactical DCO integration support to United States Forces
Command units by integrating tactical network sensor events and
signature analysis into the RCC DCO processes.
- Provide analysis and signature development assistance to ensure
tactical units are able to detect, identify, and respond to threats
on the network.
- Ensure Tactical data feeds are ingested into the RCC Security
Information and Event Management (SIEM), and that unit data is
provided directly to the tactical edge.
- Provide cyber-Incident Response and analysis on detected or reported
malicious events.
- Under general direction, leads and participates in the evaluation
and analysis of complex malicious code through the utilization of
tools, including disassemblers, debuggers, hex editors, un-packers,
virtual machines, and network sniffers.
- Responsible for providing findings in a technical report with
details of the malware, identification parameters, advanced
capabilities, and mitigation strategies.
- Conducts research in the following areas: malicious software,
vulnerabilities, and exploitation tactics.
- Requires experience with application security, network security,
reverse engineering, or malware.
- Requires strong knowledge of worms, viruses, Trojans, rootkits,
botnets, Windows internals, and the Win32 API.
Education & Experience
- BA/BS or an MA/MS preferred from an accredited university
(required)
- Minimum of 12+ years of related IT experience (required)
- Substitution Allowance (MA/MS with 10+ years' experience can be
substituted for above requirements)
Certifications
- GIAC Certified Forensic Analyst (GCFA), IAT Level II Baseline
Certification
Security Clearance
- Top Secret clearance (Required)
- US Citizen or permanent resident
Other (Travel, Work Environment, Administrative Notes, etc.)
- Travel to CONUS and OCONUS locations to meet mission requirements
and undergo training may be required. The support outside Fort
Huachuca, AZ including OCONUS if required, will be designated as
TDY.
Computer World Services is an affirmative action and equal employment
opportunity employer. Current employees and/or qualified applicants will
receive