Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.
Key Role:
Research, analyze, and document malware exploits, vulnerabilities, and behavior. Develop and recommend mitigating controls or remediation for malware and other malicious code and applications. Support Cybersecurity technical testing services, including network and application penetration testing, vulnerability assessments, and Red Team operations, and apply knowledge of exploits and vulnerabilities. Leverage expertise as part of the incident management and business continuity support for clients. This position will require international travel up to 70% of the time.
Basic Qualifications:
- 4 years of experience with reverse engineering of malware for malware analysis and the use of reverse engineering and debugging tools
- Experience with malware analysis tools, including Balbuzard, Bro, Cuckoo Sandbox, IDA Pro, REMnux, Sandboxie, and YARA
- Experience with the identification and classification of malware families based on standard taxonomy
- Knowledge of malware assembly and obfuscation techniques and tools
- Knowledge of the latest Cybersecurity threats, tools, vulnerabilities, and malware families
- Knowledge of operating systems, including Windows, Linux, and Mac, application behaviors, and network traffic analysis to identify malware exploits
- BA or BS degree in IT, Information Security, Computer Engineering, or EE or 8+ years of experience with reverse engineering in lieu of a Bachelor’s degree
Additional Qualifications:
- Experience in the setup of malware analysis lab environments with sandboxes to contain malware analysis in a controlled environment
- Experience with applying Cyber threat intelligence to support incident analysis
- Experience with investigations or intelligence
- Knowledge of the Security Operations Centre, Network Operations Centre operations, development and operations, Cyber kill-chain analysis for incident response, and relevant security technologies
- Ability to automate through the development and deployment of custom scripts, shellcode, or applications
- CISSP, CSX, CHFI, CEH, or GREM Certification
- OSCP or CREST Certification
Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems by their side to help them achieve their missions. Booz Allen is committed to delivering results that endure.
We are proud of our diverse environment, EOE, M/F/Disability/Vet.