Malware Engineering Analyst

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia with operations across the U.S. We provide innovative enterprise-wide solutions as well as targeted services addressing the complex challenges faced by our federal government clients. Our focus is on enabling our clients to deliver their mission most efficiently and effectively – anytime, anywhere, securely. We combine technical expertise, mission awareness, and an empowered workforce to produce meaningful results.

As a SkyePoint employee you will be given the opportunity to support some of our nation’s most critical information systems by utilizing not only your existing cybersecurity skills and talents, but those that you will learn in your new role. In your new role as a cyber security professional, you will protect our customer’s most sensitive data and complex systems from all forms of threats including cyber-attacks, insider threats, rogue network devices, and malicious software and applications. You will work with a team of like-minded professionals to share and collaborate upon your ideas to improve the cybersecurity infrastructure, architecture, and configuration deployments. Your ideas and contributions will matter.

This is a contingent position based upon customer approval. 

Skyepoint Decisions is seeking a Malware Engineering Analyst to support the Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective, and secure business processes. 

This position supports multiple onsite locations. This role will be located in both Beltsville, MD AND Rosslyn, VA.  This role supports the Cyber Incident Response Team (CIRT) as a key member of Incident Response Tiger Team. 

The customer requirement requires every employee to be onsite for the first 90 days. After the 90 day period, a hybrid schedule may be offered.  The selected candidate must be able to support a hybrid and flexible schedule, in the event of significant cyber incident a continuous on site presence will be required. 

What you’ll do: 

• Provide Subject Matter Expert (SME) level malware analysis support in a 24x7x365 environment.
• Share in-depth knowledge and intelligence gained from cyber security events with stakeholders.
• Protect against and prevent potential cyber security threats and vulnerabilities.
• Provide SME level response, technical assistance and expertise for significant cyber incidents, investigations and related operational events.
• Develop and implement training programs for malware analysts.
• Conduct detailed research to increase awareness and readiness levels of the security operations center.
• Conduct advanced analysis and recommend remediation steps.
• Publish after-action reports, cyber defense techniques, guidance, and incident reports.
• Review, draft, edit, update and publish cyber incident response plans.

Basic Qualifications:

To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:

• Bachelor’s Degree and a minimum of 11 years’ experience or Master's Degree and 9 years of experience is required. An additional 4 years of experience may be used in lieu of degree.
• Ability to obtain Top Secret security clearance is required, can join with a Secret clearance. 
• Must be able to work an onsite schedule at both Beltsville MD and Rosslyn, VA. 
• Ability to resolve highly complex malware and intrusion issues using computer host analysis, forensics, and reverse engineering.
• Ability to recommend sound counter measures to malware and other malicious type code and applications which exploit customer communication systems.
• Experience in the development of policies and procedures to investigate malware incidents for the enterprise network.
• Experience handling national state level intrusions.
• Experience with evidence custody and control procedures.
• Experience with Debuggers, Disassemblers, Unpacking Tools, and Binary analysis tools.
• Experience with static and dynamic malware analysis tools and techniques.
• Knowledge of IOCs and APT threat actors.
• Demonstrated knowledge of the Incident Response Lifecycle.
• Demonstrated ability to utilize and leverage forensic tools to assist in determining scope and severity of a cybersecurity incident.
• Ability to identify remediation steps for cybersecurity events.
• Strong organizational skills.
• Proven ability to operate in a time sensitive environment. 
• Proven ability to communicate orally and written.
• Proven ability to brief (technical/informational) senior leadership.
• Must be a US citizen
• Must have one of the following certifications:
  • CASP+ CE
  • CCISO
  • CCNA Cyber Ops
  • CCNA-Security
  • CCNP Security
  • CEH
  • CFR
  • CISA
  • CISM
  • CISSP (or Associate)
  • CISSP-ISSAP
  • CISSP-ISSEP
  • Cloud+
  • CySA+
  • GCED
  • GCIA
  • GCIH
  • GICSP
  • GSLC
  • SCYBER

Preferred Qualifications:

• Knowledge of host and network forensic analysis.
• Knowledge of high and low level programming.
• Knowledge of network, architecture, design and security.
• Knowledge of system design and process methodologies.
• Experience in developing and delivering comprehensive training programs. 
• Experience collaborating with cross functional teams.
• Experience working in the inter-agency environment. 
• Ability to communicate technical concepts to executive level leadership.

What We Can Offer You - 

• At SkyePoint, we go B.I.G. (beginning in GRATITUDE) by recognizing all we have and giving back to our employees, families, and communities. It instills a positive mindset that permeates all we do. By beginning in gratitude, SkyePoint can continue to spread living in gratitude each day.
• Great Benefits: Several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, ST/LT Disability, Life Insurance, floating federal holiday options, and 401k matched
• Certificate Incentive Program: To promote professional development, we recognize and reward employees who obtain new certifications aligned with business needs.
• SkyePoint DoD SkillBridge Industry Partner Fellowship Program

• Flexible Work Environment

SkyePoint Decisions is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development. We possess a common vision of excellence and foster a collaborative team culture built upon individual performance and accountability. We invest in our people and systems to create value for our clients. It is the SkyePoint Way. We are grateful for the opportunity to work with exceptional people and give back to the communities we serve. Our employees value the flexibility at SkyePoint that allows them to balance quality work and their personal lives.

Please be aware of recruiting scams and people claiming to be from SkyePoint Decisions. For more information, please see the Welcome Page of our Careers site.

Skyepoint Decisions is a participating E-Verify Employer. 

U.S. Citizenship is required for most positions.

Equal Opportunity Employer/Veterans/Disabled.