Malicious Software Investigator
Respond to and investigate computer and network security incidents; review, analyze, mitigate, and report on malicious software (i.e. Malware) found on computers and networks; devise analysis techniques that identify malware; recommend responses that mitigate the effects of malware; and perform other duties as assigned.
Respond to computer and network security incidents.
Identify risks to computer systems and recommend corrective actions.
Investigate instances of malware, and determine attack vectors, payloads, and the extent of associated damage and data exfiltration.
Ensure security of computers, networks, and related hardware.
Develop analysis techniques, recommend procedures, and suggest types of hardware or software that may enhance the forensic mission.
Maintain hardware and software documentation that complies with prevailing Federal Information Technology (IT) governance directives.
Establish and maintain a Malicious Software (malware) analysis laboratory (i.e. hardware, software, networks, analysis procedures, and related tools).
Participate in technical meetings and working groups; address issues related to malware security and vulnerabilities.
Assist in developing and delivering malware security awareness products and briefings.
Help the customer maintain its information system security posture.
Provide input to help develop policies and procedures for investigating and mitigating malware-related incidents for the customer’s networks, and recommend hardware and software that support this mission.
Collaborate with insider threat personnel, other internal investigators, and external investigators and forensic analysts; help the team lead facilitate a premier malware mitigation program.
Author investigatively-sufficient reports and conduct briefings, as required.

Minimum Requirements

Train team members, as directed.
Employ Guidance Software’s EnCase Forensics and Enterprise during analyses.
Employ HBGary Responder, Digital DNA, and Recon products during analyses.
Employ network analysis tools (e.g. Wireshark, tcpdump, etc.), when required.
Qualifications Required:
A minimum of 10 years’ experience in the Federal Law Enforcement or Intelligence Communities.
Bachelor’s degree in business, engineering, or IT field.
Security Clearance: TS
Special Access / Access Eligibility: SCI
Polygraph: Willing to take CI poly

Desired Requirements

Education: Bachelor’s Degree Required
Experience: 10 years of experience