Do you want to enjoy coming to work each day? Do you want to join a stable and interesting work progra...
Do you want to enjoy coming to work each day? Do you want to join a stable and interesting work program with long-term opportunities for growth and development? Come join the Cyber & Investigative Technologies department and leverage your cyber background to solve real-world problems. The selected candidate will work alongside MITRE and Sponsor personnel to further cyber investigative goals.Duties will include conducting technical analysis of assorted media and will vary according to the technical challenge being presented. Tasks may include conducting forensic analysis as well as extracting and analyzing malware from media or PCAP data, writing network detection signatures, and developing scripts to parse large amounts of data (e.g., log files). The candidate may also create tools, interfaces, or other solutions to further Sponsor initiatives. The successful candidate must have a versatile technical background and the ability to develop solutions in an agile manner.The selected candidate will be required to successfully undergo the TS/SCI clearance process. This position is located on-site with the sponsor in Chantilly, VA. (P581) Key FunctionsDevelop agile technical solutions to address sponsor initiatives.Conduct forensic analysis of assorted media (hard drives, USB drives, mobile devices, etc.).Identify, extract, and analyze malware from media or network (PCAP) data.Develop signatures for the detection of malicious activity.Develop scripts/code for parsing large amounts of data (e.g. log files) to facilitate analysis.Provide consulting to sponsor personnel on best practices pertaining to the above.Reach-back to MITRE team and Corporation to bring in other relevant expertise.Must have strong expertise in at least two of the following: Ability to conduct forensic analysis of a compromised system, to include the development of an intrusion timeline.Ability to conduct static/dynamic malware analysis.Ability to identify C2, dropper files, registry key modifications, DLL injection, etc. based on malware analysis.Capable of reading PCAP and conducting network traffic analysis.Ability to identify malicious traffic in PCAP that may be a beacon, file upload, SQL injection, or password brute force attack.Ability to conduct Netflow analysis, packet analysis, and network traffic manipulation.Ability to develop signatures to detect malicious activity in network traffic.Ability to script or write code to process large amounts of data and present it in a usable format.Ability to develop other technical solutions to further cyber investigative goals.Ability to work on site and interface positively with sponsors at all levels. Must be a self-starter with excellent communications skills and the ability to positively represent MITRE.Must understand the fundamentals of TCP/IP communication. Preferred QualificationsThe ability to quickly learn new skills and gain expertise across our qualifications spectrum. Self-starter who is energized by new problems. Collaborative personality. Knowledge of or ability to learn Python strongly preferred. Associated topics: forensic, information assurance, information security, information technology security, leak, malicious, protect, security analyst, security engineer, security officer