Job #6121 - Malware Analyst
SUMMARY
The CERT Malicious Code group’s analysis team aims to improve malware analysis capability. The successful candidate will support high-impact customers by producing analytical reports, performing strategic analysis of emerging security issues, and developing new analysis methods and tools.
Duties include:
- Analyze malicious code in support of customers; document and transition results in reports, presentations, and technical exchanges
- Design, prototype, document, mature, and transition malicious code analysis methods and tools appropriate for operational use
- Identify and document high impact, emerging, and complex active security threats; design and pursue solutions; and transition results in tools, reports, presentations, and technical exchanges
- Participate in the broader security community through collaboration, papers, and presentations
Malware Analysts may be on-call for critical support situations.
ESSENTIAL FUNCTIONS
- Analyze malicious code in support of customers; document and transition results in reports, presentations, and technical exchanges
- Design, prototype, document, and transition malicious code analysis methods and tools appropriate for operational use
- Identify and document high impact, emerging, and complex active security threats; design and pursue solutions; and transition results in tools, reports, presentations, and technical exchanges
- Participate in the broader security community through collaboration, papers, and presentations
MINIMUM QUALIFICATIONS
Education/Training:
Bachelor of Science in Computer Science or a scientific/technical field with 8 years of experience, or equivalent; Master's Degree in Computer Science or a scientific/technical field with 5 years of experience, or equivalent.
Experience: Experience with or substantial knowledge in most of the following areas:
- analysis of malicious code
- reverse engineering
- familiarity with multiple programming languages including C and assembly
- common host and network security tools
- core internet protocols (e.g., TCP/IP, DNS, SMTP, HTTP, etc.)
- common types of attacks against systems and networks
- theoretical underpinnings of computer security
Experience with or substantial knowledge of many of the following areas is preferred:
- computer forensics
- software development
- computer security incident handling
- system and/or network administration
- operational details of multiple operating systems
- cryptography and encryption tools
Additionally, knowledge of or familiarity with most of the following areas:
- best practices for secure code development
Skills/Abilities:
- analytical and problem solving skills
- develop and explain technical decisions
- prioritize work
- interact effectively with technical and non-technical audiences, both in writing and verbally
- work within a closely coordinated team
- work calmly and well under pressure
- maintain composure while dealing with difficult people
- recognize and deal appropriately with confidential and sensitive information
- communicate effectively under normal and stressful situations
- handle shifting priorities
- mentoring/training skills
OTHER
Physical/Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion.
Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.
Mental:
- Work meticulously with attention to detail
- Meet deadlines while working on multiple tasks - sometimes under pressure and with shifting priorities
- Deal collaboratively, diplomatically, and successfully with customers, co-workers, and other professional colleagues, managers, and staff
- Grasp the big picture, direction, and goals of an effort
- Develop and communicate innovative ideas
- Take leadership role in technical projects
- Quickly learn new procedures, techniques, and approaches
Candidates must be able to pass a background investigation, obtain a DOD TS/SCI security clearance, and be a US citizen.
Resumes from recruiting firms will not be accepted.
To apply, please go to Careers@CarnegieMellon.
Carnegie Mellon is an Affirmative Action/Equal Opportunity Employer.
The Software Engineering Institute (SEI) is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University.
CERT® and CERT Coordination Center® are registered in the U.S. Patent and Trademark Office.
This page was last updated August 21, 2009