Malware Analyst Lead

Job Description
BAE Systems' Global Security Operations Center has an opening for a senior lead malware analyst/reverse engineer in Reston, VA.

Technical Requirements:

  • Perform triage analysis of malware samples
  • Manage a team of 1-2 malware analysts
  • Provide malware family identification
  • Write and tune Yara signatures to identify and discover malware
  • Monitor for new malware samples using subscription services
  • Support Security Operations by providing timely reports of relevant malware indicators for intrusion detection
  • Support forensic operations/endeavors
  • Write signatures for endpoint detection/protection platforms (EDR/EPP)
  • Create content in SIEM for host-based signature detection
  • Monitor SIEM tool for host-based signature detection; tune and escalate accordingly
  • Write custom scripts to deobfuscate, decode, and automate the analysis process
  • Produce accurate, high-quality, evidence-based reports and presentations
  • Working understanding of the Lockheed Martin Cyber Kill Chain®
  • Experience with incident response
  • Experience with intrusion analysis
  • Experience with forensic analysis
  • Eligible to obtain/maintain a security clearance at the Secret level
Typical Education & Experience
Typically a Bachelor's degree and 8 years of work experience, or equivalent experience

Required Skills and Education
Typical Education and Experience:
  • 6+ years of work experience preferred
  • GIAC Reverse Engineering Malware [GREM] (or equivalent)
  • Experience with x64dbg, OllyDbg, and/or IDA Pro
  • Experience with setting up a malware analysis lab (VMs, tools, etc.)
  • Experience working on a reverse engineering team or a security operations center
Required Skills:
  • Malware Reverse Engineering, Disassembly, and Debugging
  • Ability to perform both Behavioral/Dynamic and Static malware analysis
  • Proficiency with open-source malware analysis tools
  • Extensive experience with Windows operating system internals
  • Experience analyzing PE files and comfort working with a variety of sample types, such as Office macros and .NET, Delphi, and C/C++-based programs
  • Ability to review and interpret host-based alerting
  • Experience with Endpoint Detection & Response (EDR) products
  • Experience with Endpoint Protection Platform (EPP) products
  • Malware classification/detection with Yara
Preferred Skills and Education
  • Experience with ELF file format and Linux OS internals
  • Experience with analyzing both commodity and nation-state malware
  • Familiarity with common malware families (e.g. PoisonIvy, Gh0st RAT)
  • GREM/GCFE/GCFA (or equivalent)
  • Python/Perl/PowerShell Scripting
  • EnCE (EnCase Certified Examiner)
  • Ability to read and interpret PCAP
  • FireEye Endpoint Protection (HX) experience
  • McAfee Access Protection (MCAP) experience
  • CREA (Certified Reverse Engineering Analyst)
About BAE Systems, Inc.
BAE Systems is a premier global defense and security company with approximately 90,000 employees delivering a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support and services. People are the greatest asset in any company. BAE Systems is committed to hiring and retaining a diverse workforce. Equal Opportunity Employer/Females/Minorities/Veterans/Disabled/Sexual Orientation/Gender Identity/Gender Expression