Senior Technical Analyst, Cyber Espionage (Remote)
- Reston, VA, USA
FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.
FireEye Intelligence’s Cyber Espionage team identifies, tracks and reports on government-sponsored cyber espionage (APT) activity that takes place all around the world. This work supports corporate and government intelligence clients and other divisions of FireEye.
The Senior Technical Analyst will play an important role on our team, leading investigation and analysis of nation-state threats. The position will conduct in-depth technical analysis of malicious software (malware), campaigns, and the Tactics, Techniques and Procedures (TTPs) of nation-state sponsored actors. A particular emphasis will be on developing novel techniques for tracking advanced actors.
The role will effectively and efficiently work alongside the technical and threat analysts on the Cyber Espionage Team to produce timely, thorough and actionable reporting. An analyst able to work from our Reston, Virginia office is preferred, but we are open to remote work for an experienced candidate.
- Discovery, categorization, and attribution of nation-state malware and infrastructure, including in-depth malware analysis
- Creation of signatures to support the collection and detection of malicious activity
- Development of tools to support proactive hunting across public and proprietary data sets
- Contributing to reporting on these discoveries to inform FireEye Threat Intelligence customers about the above malicious activities
- Malware Analysis
- Dynamic and static analysis of x86 Windows portable executable binaries
- Experience of x86 assembly language
- Decoding and decrypting of file data and network traffic
- Campaign Tracking
- Experience creating file signatures leveraging malware detection platforms such as Yara
- Experience tracking adversaries via network infrastructure
- Experience correlating and attributing malicious activity
- Experience with finished threat intelligence
- Effective written and oral communication skills
- Experience with the dynamic and static analysis of multiple operating systems and file formats
- Experience disassembling multiple architectures
- Experience with the creation of file, host, and network signatures leveraging multiple malware and network detection platforms
- Experience developing decoders, decryptors, parsers, and other related tools based on malware, network traffic, and campaign analysis
- Experience developing tools to uncover targeted activity leveraging large data sets
- Experience producing finished intelligence products for multiple audiences
FireEye is an Equal Opportunity Employer: All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, national origin, protected veteran status, or on the basis of disability.