Forensic/Malware Analyst

Link Solutions, Inc. is seeking a Forensic/Malware Analyst (Senior-Level) to join our team in Sierra Vista, AZ.

• US Citizen
• Must have DoD Secret Clearance
• Non-remote (relocation incentive available)
• Starting Bonus Available

The Forensic/Malware Analyst will provide information technology services and support for the US Army Regional Cyber Center program responsible for operating, managing, and defending the Army’s NIPRNet and Secure Internet Protocol Router Network (SIPRNet) CONUS portion of the GIG, and the NIPRNet and SIPRNet DoDIN-A.

The candidate will lead and participate in the evaluation and analysis of complex malicious code through the utilization of tools, including dissemblers, debuggers, hex editors, unpackers, virtual machines, and network sniffers. The Analyst will be responsible for providing findings in a technical report with details of the malware, identification parameters, advanced capabilities, and mitigation strategies.

Job Responsibilities:

• Provide network infrastructure security, Network Assistance Visits (NAVs), (NAV), System and Web Assessments, and network security.
• Monitor, detect, and analyze NIPRNet and SIPRNet during core hours.
• Responsible for maintaining a Continuity of Operations (COOP) plan for DCO systems and services.
• Responsible for providing findings with details of the malware, identification parameters, advanced capabilities, and mitigation strategies.
• Conducts research in the area of malicious software, vulnerabilities, and exploitation tactics. Requires experience with application security, network security, reverse engineering, or malware.
• Provide Tactical DCO integration support to United States Forces Command units by integrating tactical network sensor events and signature analysis.
• Provide analysis and signature development assistance to ensure tactical units can detect, identify, and respond to threats on the network.
• Ensure Tactical data feeds are ingested into the RCC Security Information and Event Management (SIEM), and that unit data is provided.
• Provide incident response and analysis on detected or reported malicious events.
• Lead and participate in the evaluation and analysis of complex malicious code through the utilization of tools, including dissemblers, debuggers, hex editors, un-packers, virtual machines, and network sniffers.

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job.

Requirements

• US Citizenship
• Must have DoD Secret Clearance
• GIAC Certified Forensic Analyst (GCFA)
• IAT Level II Certification equivalent or higher (CompTIA Security+ CE, CCNA Security Training, CySA+, GICSP, GSEC, etc.)
• BA/BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science.
• Ten (10+) years of directly related experience.
• Requires strong knowledge of worms, viruses, Trojans, rootkits, botnets, Windows internals, and the Win32 API.
• Experience with application security, network security, reverse engineering, or malware.
• Experience in programming (assembly and web) and system analysis with various tools, including IDA Pro, Ollydbg, PCAP tools, and TCP Dump.

Additional Certification Required: (most have one of the following)

• CCE: Certified Cybersecurity Engineer
• CCISO: Certified Chief Information Security Officer
• CEH: Certified Ethical Hacker
• CFR: CyberSec First Responder
• CISA: Certified Information Systems Auditor
• CISM: Certified Information Security Manager
• Cloud+: CompTIA Cloud plus
• CPTE: Certified Penetration Testing Engineer
• CySA+: CompTIA Cybersecurity Analyst plus
• FITSP-A: Federal IT Security Professional-Auditor-NG
• GCED: GIAC Certified Enterprise Defender
• GCFE: GIAC Certified Forensic Examiner
• GCIH: GIAC Certifed Incident Handler
• GCSA: GIAC Cloud Security Automation
• GICSP: Global Industrial Cyber Security Professional
• GPEN: GIAC Penetration Tester
• GSEC: GIAC Security Essentials Certification
• PenTest+: CompTIA Penetration Tester plus

Preferred:

• Professionally certified, within a CND discipline, as Technical Level III as defined by DODI 8570 is a requirement.
• MA/MS with twelve (12+) years of experience.
• Demonstrated understanding of U.S. Army IT operational and technical requirements.
• Experience leading a large, technically complex organization.
• Demonstrated success and experience managing contractors in a DoD environment, working with Military and civilian leadership, while obtaining mission success and program profitability.
• Excellent organizational skills, attention to detail, and ability to prioritize and manage multiple tasks.
• Strong interpersonal, written, and verbal communication skills.

Additional information

This opportunity is contingent upon successful award and contract negotiation which is currently in process.

Link Solutions Inc. offers a competitive compensation and benefits package to include paid holidays, paid time off, medical, dental, vision, company-paid long and short-term disability, life insurance, referral bonuses, relocation incentive program, certification reimbursement program, retirement, and more.

Link Solutions, Inc. is an EOE. AA/M/F/D/V. We participate in the E-Verify Employment Verification Program. All your information will be kept confidential according to EEO guidelines.