This job is closed


Ipsecure - San Antonio, TX

posted about 2 months ago

Full-time
San Antonio, TX
Professional, Scientific, and Technical Services

About the position

The Forensic Malware Analyst at IPSecure plays a critical role in cybersecurity by investigating and analyzing digital evidence to combat cyber threats. This position requires a strong understanding of forensic tools and methodologies to document findings, track evidence, and collaborate with various agencies to ensure the integrity of investigations. The analyst will also provide technical support and generate reports to communicate complex findings effectively.

Responsibilities

  • Document all findings in the investigation/incident log.
  • Track evidence inventory for intake and releasing to the forensics laboratory, ensuring proper handling and maintenance of evidence and chain of custody records.
  • Utilize forensic tools such as EnCase, FTK, FireEye, etc., and other systems as required.
  • Conduct analysis of metadata and forensic examinations of digital media from various sources, developing forensically sound evidence.
  • Confirm malicious activity when new information is identified through forensic analysis.
  • Investigate network and computer intrusions to identify root causes and generate indicators of compromise, documenting all findings in the investigation/incident log.
  • Perform memory forensics and malware reverse engineering of suspected malicious files, documenting all findings/Indicators of Compromise (IOCs).
  • Perform hard drive analysis of suspected or confirmed infected or exploited systems, documenting all findings in the investigation/incident log.
  • Develop methods to identify, contain, log, and analyze malware-based activities on AF AIS and networks.
  • Provide support to AF network administrators on the installation and analysis of packet sniffers on their network topology.
  • Generate forensic reports and synopses, presenting complex technical processes and findings clearly to technical and non-technical audiences.
  • Collaborate with leadership and external agencies, including Counter-Intelligence activities/agencies, OSI, FBI, and other security agencies.
  • Provide AF OSI DCO technical support to law enforcement and counter-intelligence activities.
  • Turn any investigation over to AF OSI if a law is broken during an investigation.
  • Support and/or augment Incident Response deployment with same day notice, including travel to retrieve hard drives or perform on-site actions.

Requirements

  • An active TS/SCI clearance is required to start.
  • Must have a GIAC Certified Forensic Analyst (GCFA) within 120 days of date of hire.
  • Must have a GIAC Reverse Engineering Malware (GREM) within 120 days of date of hire.

Nice-to-haves

  • 5+ years of experience as a Forensic Malware Technician.
  • Experience performing forensic acquisition and examination of Windows, Unix/Linux, and Macintosh-based computers and servers.
  • Experience with a variety of forensic tools (AccessData FTK, Guidance EnCase, Axiom, BlackBag Mobilyze, Cellebrite, Paraben, X-Ways Forensics, FireEye, Volatility, The Sleuth Kit, BlackBag tools) and various open-source forensic tools.
  • Shell Scripting experience.
  • Experience writing intelligence and technical articles for production and dissemination.
  • Very proficient with malware analysis, sandboxing, and software reverse engineering.
  • Proficiency with scripting languages such as Python and PowerShell.
  • Extensive knowledge of MITRE ATT&CK framework and its uses within the cybersecurity community.

Benefits

  • 401(k) matching
  • Dental insurance
  • Health insurance
  • Paid holidays
  • Vision insurance