Malware Analyst

Pittsburgh, PA
Full Time
Malware and Cyber Threats

The organization

The National Cyber Forensics & Training Alliance (NCFTA) brings public and private industry together to research and identify current and emerging cyber crime threats globally.

We foster an inclusive and equitable work environment where fairness and respect are at the forefront. Our goal is to create a vibrant and rewarding workplace that excites and engages every individual.


The Team

NCFTA’s MCT Program connects with cross-sector partners’ CTI and Enterprise Security teams to collectively share real-time and evolving cyber threats. The internal team then focuses on identifying, analyzing, and validating emerging and existing malware variants and works with our partners to disrupt threats that cybercriminals may pose.

We are presently seeking to add a Malware Analyst to our team. This person is responsible for providing basic dynamic analysis to identify threats and develop timely and actionable alerts, briefs, and analytical assessments. Focusing on known and unknown files, the Analyst will query open source and dark web information as well as internal datasets to produce actionable information in a clear and concise manner. Some duties for this role include:

  • Conduct analysis of known and unknown files and threats using relevant tools and applications as well as proactive open source and dark web information.
  • Utilize system monitoring tools, sandboxes, and prior reporting to confirm known malware families as well as produce a finished product for dissemination.
  • Assist with maintaining a lab environment where operating systems are installed on computer hardware and scripts are used.
  • Analyze and aggregate data into appropriate organization systems and datasets.
  • Identify credible, new tools and subject matter resources relative to current and emerging malware analysis techniques.
  • Support relationships with NCFTA industry partners, co-located law enforcement, and subject matter experts via briefings, email, conference calls, private listservs, and quarterly and/or annual conferences.

Preferred qualifications include:

  • Be legally authorized to work in the U.S. and be eligible for a U.S. Government security clearance.
  • Bachelor’s degree or full-time equivalent experience.
  • 1-5 years of relevant experience working with malware cyber threats.
  • Basic knowledge of operating systems, networking principles and computer architecture.
  • Analytical and problem-solving skills.
  • Strong verbal and written communication skills.
  • Drive to learn new tools, command line interfaces, and programming languages.
  • Detail oriented with self-starting organizational skills to meet deadlines, complete tasks, and respond to partner needs as directed by Program Manager.

Experience with several of these technologies is preferred:

  • Sysinternals Suite (Procmon, Process Explorer, Sysmon, etc.)
  • Wireshark
  • Hex editors
  • Windows
  • Linux
  • VMware
  • SQL
  • Splunk
  • Python
  • HTML/CSS/JavaScript

How to Apply:

Interested candidates may submit their resume and contact information via cover letter with salary requirements to the Human Resource Administrator at HumanResources@ncfta.net. We thank all those interested; however, only those candidates selected for consideration will be contacted.

Please send a Resume and Cover Letter through the link below