Malware Analyst

Special Aerospace Security Services, Inc. (SASSI)
Position Title: Malware Analyst - Mid-Level
Location: Arlington, VA (On-Site at Government Facility)
Clearance Requirement: U.S. Citizenship Required - Active Secret Clearance (TS/SCI preferred)

Position Summary:

SASSI is seeking a Mid-Level Malware Analyst to support a U.S. Government client in Arlington, VA. The selected candidate will conduct malware analysis, reverse engineering, and digital forensic assessments to support cyber threat detection and mitigation efforts. The analyst will work in a collaborative, mission-driven environment focused on securing national security systems from advanced persistent threats (APTs), zero-day attacks, and other cyber threats.

Key Responsibilities:

• Conduct static and dynamic analysis on malware samples (e.g., executables, scripts, documents)
• Reverse engineer malware to understand behavior, functionality, C2 infrastructure, and anti-analysis techniques
• Develop and document indicators of compromise (IOCs) and detection signatures (e.g., YARA, Snort)
• Perform digital forensic triage and media analysis (hard drives, USBs, VMs, memory images)
• Analyze mobile devices (Android/iOS) for signs of compromise, unauthorized access, or data exfiltration
• Support incident response teams with malware insights and root cause analysis
• Collaborate with cyber threat intelligence and SOC teams to enhance detection and defense strategies
• Produce clear and concise technical reports and briefings for both technical and non-technical stakeholders

Minimum Qualifications:

• U.S. Citizenship required
• Active Secret Clearance required (TS/SCI strongly preferred)
• Bachelor's degree in Cybersecurity, Computer Science, Computer Engineering, Digital Forensics, or a related discipline
  (Experience may be considered in lieu of a degree on a case-by-case basis)
• 3-5 years of hands-on experience in malware analysis, digital forensics, reverse engineering, or a related cybersecurity discipline

Required Skills and Tools:

• Strong understanding of Windows and Linux internals
• Familiarity with malware analysis tools including IDA Pro, Ghidra, Binary Ninja, Radare2
• Experience with sandboxing environments such as Cuckoo Sandbox or ANY.RUN
• Comfortable scripting in Python, PowerShell, or Bash to automate analysis tasks
• Hands-on experience with forensic tools (e.g., FTK, EnCase, Volatility, X-Ways)
• Ability to extract and interpret malware indicators (IP addresses, domains, registry keys, etc.)
• Working knowledge of network protocols and traffic analysis (TCP/IP, DNS, HTTP/S)
• Knowledge of threat actor tactics and the MITRE ATT&CK Framework
• Familiarity with mobile forensics tools such as Cellebrite, Magnet AXIOM, or Oxygen Forensics

Preferred Certifications (One or More):

• GREM (GIAC Reverse Engineering Malware)
• OSCP (Offensive Security Certified Professional)
• CEH (Certified Ethical Hacker)
• CREA (Certified Reverse Engineering Analyst)
• CompTIA Security+
• CISSP or SSCP
• GCFA, GNFA, or other SANS DFIR-related certifications

Position Type & Schedule:

• Full-Time / Regular
• Exempt (Salaried)
• Location: On-site in a secure government facility in Arlington, VA
• Travel: Minimal