Malware Forensics Analyst

Requisition ID: 21009216

  • Category IconCategory: Information Technology
  • Location IconLocation: Fort Gordon, Georgia
  • Citizenship IconUS Citizenship Required for this Position: Yes
  • Clearance IconClearance Type: SCI
  • Telecommute IconTelecommute: No –Teleworking not available for this position
  • Shift IconShift: 1st Shift
  • Travel IconTravel Required: Yes, 10 % of the Time
  • Positions IconPositions Available: 2

At the heart of Defining Possible is our commitment to missions. In rapidly changing global security environments, Northrop Grumman brings informed insights and software-secure technology to enable strategic planning. We’re looking for innovators who can help us keep building on our wide portfolio of secure, affordable, integrated, and multi-domain systems and technologies that fuel those missions. By joining in our shared mission, we’ll support yours of expanding your personal network and developing skills, whether you are new to the field or an industry thought-leader. At Northrop Grumman, you’ll have the resources, support, and team to do some of the best work of your career Northrop Grumman is actively seeking an experienced Cyber Systems Engineer to fill a Malware Forensic Analyst role that requires a broad array of knowledge and skills working with team members to support a Cyber Security program located at Ft. Gordon.
We're looking for a highly motivated individual with an impeccable work ethic and a strong ability to work in a collaborative fast-moving dynamic team environment working in the area of malware reverse engineering / digital forensics.
This position involves engineering solutions to national security threats with analysis that may involve reverse engineering or vulnerability research of network and communication systems. The position requires solid system analysis skills including a strong knowledge of tools and suites used for malware analysis such as debuggers and disassemblers.

Basic Qualifications for Malware Forensic Analyst:
  • 2 Years with Bachelors in Science; 0 Years with Masters; NOTE: Four (4) years of additional experience can be substituted in lieu of degree
  • US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months
  • Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher within two (2) months of starting
Basic Qualifications for Principal Malware Forensic Analyst:
  • 5 Years with Bachelors in Science; 3 Years with Masters; 0 with PhD / NOTE: Four (4) years of additional experience can be substituted in lieu of degree
  • US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months
  • Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher within two (2) months of starting
Preferred Qualifications for both Principal and Sr. Principal Levels:
  • Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques.
  • Detailed understanding of computer networking (e.g. TCP/IP, HTTP, SSL)
  • Strong understanding of Windows internals: XP, Vista, Win 7/8/10
  • Python scripting to automate analysis and reverse engineering tasks
  • Strong knowledge of tools used for malware analysis such as debuggers and disassemblers
  • Strong understanding of Microsoft System Internals and Windows APIs
  • Experience with commercial tools, like EnCase, XWay, or Binary Ninja
  • Experience with Open source tools, such as Radare2, Metasploit, and OWASP Zap
  • Familiarity with Atlassian suite and VMware products
  • Functional experience working with military / Department of Defense Cyber community
  • Ability, willingness and desire to train junior analysts in malware and vulnerability analysis and tools
  • Experience in IOT debugging
  • OSCP, GREM, and/or SANS DFIR certifications
  • iOS/Android experience in vulnerability research
  • Participation and success in previous cyber flag exercises
  • Analyzes and assesses infrastructures for potential vulnerabilities that may result from improper configurations, hardware or software flaws, or operational weaknesses
  • 2+ years IDA Pro (or similar tool)
  • 2+ years in debugging and performance tools (windbg/gdb/hex-rays/valgrind)
  • Experience with virtualized environments and able to navigate and use a hybrid cloud to enhance workflows and analysis
  • Ability to quickly make prioritizations and determinations that lead to actionable decisions.
  • Skilled teammate to work together with a team to produce results quickly
  • Ability to communicate technically complex problems to various audiences
  • When required, have the ability to work outside of normal working hours and weekends as needed to support the customer’s needs
  • Be able to support infrequent CONUS travel to user locations for assistance
  • Strong verbal and written communication skills
  • Able to work in a fast-paced environment



Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.

Apply Now
Apply Now

What's great about
Northrop Grumman

  1. Be part of a culture that thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work.
  2. Use your skills to build and deliver innovative tech solutions that protect the world and shape a better future.
  3. Enjoy benefits like work-life balance, education assistance and paid time off.


Did you know?

We offer an array of benefits to give you the support you need, including matching 401K, tuition assistance, health insurance and wellness options, coaching, mentoring and more.