National Cyber Forensics and Training Alliance (NCFTA) – Pittsburgh, PA 15219

The National Cyber Forensics & Training Alliance (NCFTA) brings public and private industry together to research and identify current and emerging cyber crime threats globally. Our organization strives to achieve professional and technical excellence, build lasting professional relationships and make a difference in society. We hire employees who are passionate about what they do and we promote a culture of integrity and hard work. For further information see

The Malware Analyst II is responsible for providing static and dynamic analysis in order to identify threats and recommend preventive measures for those threats along with developing timely and actionable alerts, briefs and analytical assessments.

Duties and Responsibilities: 

  • Utilize multiple reverse engineering tools and techniques
  • Conduct analysis of unknown files and produce a finished product for dissemination.
  • Create signatures on known and unknown malware families
  • Assist in the lab environment with new ideas, technology and updated operating policies.
  • Analyze and aggregate data into appropriate organization systems and datasets
  • Identify credible new tools and subject matter resources relative to current and emerging malware analysis techniques and implement them when needed.
  • Identify and coordinate cases for cross-sector collaboration within the organization.

Position Qualifications:  To be considered for this position, the candidate must meet the knowledge, skills and abilities listed below: 

Must be legally authorized to work in the U.S. and be eligible for a U.S. Government security clearance

  • Strong knowledge of operating system internals, assembly language, and reverse engineering techniques.
  • Thorough working understanding of the security industry and knowledge in identifying credible malware analysis techniques relative to current and emerging threats.
  • Display skills in learning and creating new tools as more advanced malware families are discovered.
  • Strong communication (written and verbal) with the ability to brief/communicate information in a concise, effective manner to a wide range of audiences with minimal oversight.
  • Ability to use static and dynamic methods to analyze a file using a debugger, disassembler and other tools in a Virtual Machine (VM).
  • Detail oriented with strong organizational skills in order to meet deadlines, complete tasks and respond to partner needs with minimal oversight.

Technical Qualifications Desired: 

  • Sysinternals Suite (Procmon, Process Explorer, Sysmon, etc.)
  • Wireshark
  • Hex Editors
  • Windows
  • Linux
  • VMware
  • SQL
  • Splunk
  • Python
  • HTML/CSS/JavaScript
  • IDA Pro
  • x32dbg/x64dbg
  • dnSpy
  • YARA
  • Snort/Suricata

Resumes should be directed to:  Please include:

  • Your resume
  • A cover letter in which you specify your qualifications for the position and salary requirements