Mid-Level Malware Analyst

Malware Analyst: Mid Level

Location: Arlington, VA (Hybrid: Onsite & Remote)

Clearance Required: Active Secret (TS/SCI strongly preferred)

Employment Type: Full-Time, Regular

Job Description

Special Aerospace Security Services, Inc. (SASSI) is seeking a Senior Malware Analyst to support a U.S. Government customer. The ideal candidate will be a technical expert in malware analysis, capable of working independently with minimal to no technical training required. This role demands advanced proficiency in malware analysis disciplines including mobile forensics, file and software analysis, phishing/email analysis, and URL/domain analysis.

The selected candidate will be expected to handle everyday malware work (Tier 1 email analysis, file analysis of executables, etc.) at a senior level, while training will be focused only on Customer-specific processes and procedures.

Work Environment

This position is a hybrid role, with a required split between onsite support in Arlington, VA, and remote work. Candidates must be able to:

Maintain a reliable presence during core business hours (8:30 AM to 3:30 PM EST, Monday-Friday, with flexible work hours between 7:00 AM and 6:00 PM).

Be available onsite as scheduled for mission requirements, collaborative sessions, and classified work.

Remain responsive and engaged during remote days, actively participating in meetings, incident response activities, and customer communications via Microsoft Teams, email, and other platforms.

Key Responsibilities

Conduct advanced static and dynamic malware analysis to uncover behavior, capabilities, and delivery mechanisms.

Perform reverse engineering using tools such as IDA Pro, Ghidra, Binary Ninja to analyze compiled code and embedded threats.

Lead and conduct mobile device forensic investigations (iOS/Android).

Conduct file and software analysis to detect malicious payloads, trojans, and obfuscation techniques.

Perform email analysis to identify phishing attempts, malicious attachments, and social engineering vectors.

Conduct URL/domain analysis to uncover malicious redirection, spoofing tactics, and C2 infrastructure.

Capture and analyze volatile memory, logs, and artifacts from compromised systems.

Develop detection signatures, IOCs, YARA rules, and threat models based on analysis.

Collaborate with incident response, SOC, and threat intelligence teams.

Produce detailed technical reports and risk analysis briefings for senior leadership.

Minimum Qualifications

U.S. Citizenship (required).

Active Secret clearance (minimum; TS/SCI preferred).

Bachelor s degree in Cybersecurity, Computer Science, Digital Forensics, or related discipline (may be substituted with equivalent experience).

8+ years of malware analysis, reverse engineering, or forensic experience.

Proven ability to operate as a senior-level analyst without technical training in:

Mobile forensics

File and software analysis

Email analysis (phishing detection)

URL/domain analysis

Required Skills & Tools

Expertise in Windows/Linux internals, file systems, and executable formats.

Strong knowledge of network protocols (TCP/IP, HTTP/S, DNS).

Proficiency with malware analysis and forensics tools:

IDA Pro, Ghidra, Binary Ninja, Radare2

Volatility, Cellebrite, Oxygen Forensics, FTK, EnCase, X-Ways

Cuckoo Sandbox, ANY.RUN, VirusTotal Enterprise

Scripting for automation: Python, Bash, PowerShell.

Familiarity with MITRE ATT&CK, STIX/TAXII, and threat intelligence feeds.

Certifications

Required (one or more):

CASP+ (CompTIA Advanced Security Practitioner)

CISSP (ISC) Certified Information Systems Security Professional

GCED (GIAC Certified Enterprise Defender)

GCIH (GIAC Certified Incident Handler)

Preferred (one or more):

GREM (GIAC Reverse Engineering Malware)

OSCP / OSCE / OSEP

CEH (Certified Ethical Hacker)

CREA (Certified Reverse Engineering Analyst)

GCFA / GNFA

Education

Bachelor s degree in Cybersecurity, IT, Computer Science, or Digital Forensics (preferred; equivalent experience considered).