Malware Analyst

Malware Analyst

SASSI - 3.2

Washington, DC Job Details Full-time $47.33 an hour 21 hours ago Benefits Health insurance Dental insurance 401(k) Vision insurance Qualifications Computer science Computer Science Automation Mobile applications Secret Clearance Windows Communication platforms Bash Incident response Bachelor's degree

MITRE ATT&CK HTTPS

Technical Proficiency Python PowerShell Full Job Description Malware Analyst:

Mid Level Location:

Arlington, VA (

Hybrid:

Onsite & Remote)

Clearance Required:

Active Secret (TS/SCI strongly preferred)

Employment Type:

Full-Time, Regular Job Description Special Aerospace Security Services, Inc. (SASSI) is seeking a Senior Malware Analyst to support a U.S. Government customer. The ideal candidate will be a technical expert in malware analysis, capable of working independently with minimal to no technical training required. This role demands advanced proficiency in malware analysis disciplines including mobile forensics, file and software analysis, phishing/email analysis, and URL/domain analysis. The selected candidate will be expected to handle everyday malware work (Tier 1 email analysis, file analysis of executables, etc.) at a senior level, while training will be focused only on Customer-specific processes and procedures. Work Environment This position is a hybrid role, with a required split between onsite support in Arlington, VA, and remote work.

Candidates must be able to:

Maintain a reliable presence during core business hours (8:30 AM to 3:30 PM EST, Monday-Friday, with flexible work hours between 7:00 AM and 6:00 PM). Be available onsite as scheduled for mission requirements, collaborative sessions, and classified work. Remain responsive and engaged during remote days, actively participating in meetings, incident response activities, and customer communications via Microsoft Teams, email, and other platforms. Key Responsibilities Conduct advanced static and dynamic malware analysis to uncover behavior, capabilities, and delivery mechanisms. Perform reverse engineering using tools such as IDA Pro, Ghidra, Binary Ninja to analyze compiled code and embedded threats. Lead and conduct mobile device forensic investigations (iOS/Android). Conduct file and software analysis to detect malicious payloads, trojans, and obfuscation techniques. Perform email analysis to identify phishing attempts, malicious attachments, and social engineering vectors. Conduct URL/domain analysis to uncover malicious redirection, spoofing tactics, and C2 infrastructure. Capture and analyze volatile memory, logs, and artifacts from compromised systems. Develop detection signatures, IOCs, YARA rules, and threat models based on analysis. Collaborate with incident response, SOC, and threat intelligence teams. Produce detailed technical reports and risk analysis briefings for senior leadership. Minimum Qualifications U.S. Citizenship (required). Active Secret clearance (minimum; TS/SCI preferred). Bachelor's degree in Cybersecurity, Computer Science, Digital Forensics, or related discipline (may be substituted with equivalent experience). 8+ years of malware analysis, reverse engineering, or forensic experience. Proven ability to operate as a senior-level analyst without technical training in: Mobile forensics File and software analysis Email analysis (phishing detection) URL/domain analysis Required Skills & Tools Expertise in Windows/Linux internals, file systems, and executable formats. Strong knowledge of network protocols (TCP/IP, HTTP/S, DNS). Proficiency with malware analysis and forensics tools: IDA Pro, Ghidra, Binary Ninja, Radare2 Volatility, Cellebrite, Oxygen Forensics, FTK, EnCase, X-Ways Cuckoo Sandbox, ANY.RUN, VirusTotal Enterprise Scripting for automation: Python, Bash, PowerShell. Familiarity with MITRE ATT&CK, STIX/TAXII, and threat intelligence feeds. Certifications Required (one or more): CASP+ (CompTIA Advanced Security Practitioner) CISSP (ISC)² Certified Information Systems Security Professional GCED (GIAC Certified Enterprise Defender) GCIH (GIAC Certified Incident Handler) Preferred (one or more): GREM (GIAC Reverse Engineering Malware)

OSCP / OSCE / OSEP CEH

(Certified Ethical Hacker) CREA (Certified Reverse Engineering Analyst)

GCFA / GNFA

Education Bachelor's degree in Cybersecurity, IT, Computer Science, or Digital Forensics (preferred; equivalent experience considered).

Job Type:

Full-time Pay:

$47.33 per hour

Benefits:

401(k) Dental insurance Health insurance Vision insurance Application Question(s): What is your salary requirements?

Experience:

Mobile applications: 5 years (Required)

Digital Forensics:

5 years (Preferred) Security clearance: Secret (Required) Ability to

Commute:

Washington, DC 20510 (Required) Ability to

Relocate:

Washington, DC 20510: Relocate before starting work (Required)

Work Location:

Hybrid remote in Washington, DC 20510