The Network Threat & Malicious Code Support Specialist -Sr (NTMCSS) will be part of a team responsible for analyzing, mapping, protecting and/or discovering vulnerabilities, intrusions and threats in computer network systems. The NTMCSS will conduct comprehensive analysis of all types of computer code, particularly malicious code to discover unknown, suspicious or exploitation activity. Will collaborate with analytical counterparts and across the U.S. Intelligence Community and apply knowledge of network fundamentals, open-source tools, and current implementation of those technologies in order to devise strategies to pursue access and exploitation of targets of interest.
• Perform long-term and time sensitive, in-depth technical analysis of malicious code (malware), analyze the inner workings, and develop defensive countermeasures.
• Write forensics and/or incident response reports, investigating computer attacks, and extract data from electronic systems.
• Train team members on analysis, tools and reporting.
• Perform technical analysis against target systems and networks, characterize target network capabilities and vulnerabilities, and support development of new techniques to exploit targets.
• Perform analyses of cyber activities to identify entities of interest; their methods, motives, and capabilities; determine malicious behavior; and recognize emergent patterns and linkages to visualize the larger picture of cyber-based operations.
• Discover unknown, suspicious or exploitation activity, and provide briefings of intrusion set activity to partner organizations/agencies.
• Perform technical analysis for exploitation of an identified activity that is of an unknown or suspicious origin.
UNITED STATES CITIZENSHIP IS REQUIRED. THIS POSITION REQUIRES AN ACTIVE TOP SECRET/SCI WITH POLYGRAPH CLEARANCE.
Shall have a Bachelors Degree and a minimum of 12 years of work experience in the network and vulnerability analysis. Bachelor's degree in an applicable (math, science, computers, engineering) fields .
Work experience with any of the following Malware tools: Wireshark, OllyDBg, IDA Pro, RegShot, TCPDump, WinHex, Windbg, or PEid.
Experience writing scripts/tools to develop an analysis capability to include: Applying basic analytic methods such as computer programming, (JAVA, Perl, C, etc.) and debugging programs.
Experience related to the use of relevant CNO and SIGINT tools and databases used for the customer mission.
• Experience in network and vulnerability analysis.
An understanding of the Special Technical Operations and Special Access Program communities.
Excellent written and verbal communication skills are required with the ability to present complex technology into layman terms.
Self- motivated, creative, organized, willing to work as a member of a team, and able to manage individual schedule.
Ability to work in a dynamic environment and non-standard hours when needed.
External Referral Eligible