SME Malware Analyst

by | Sep 4, 2025

  • Anywhere

Job Title: SME Malware Analyst
Location: Rosslyn, VA or Beltsville, MD
Terms: Full-time
Requirements: Must be a U.S. Citizen with Active Secret Security Clearance

About the Role
Cyber Management International Corporation is actively recruiting highly IT Security professionals looking for challenging, exciting work in support of the U.S. Department of State (DOS). Specifically, our customer is the Bureau of Diplomatic Security (DS), Directorate of Cyber and Technology Security (CTS). DS/CTS is a center of excellence that brings together cybersecurity, technology security, and investigative expertise as a unified security capability focused on solving critical and emerging issues enabling the State Department to fulfill its vital global mission.

Responsibilities

  • Provide static and dynamic malware analysis support in a 24x7x365 environment.
  • Contribute to Shift Change Document.
  • Conduct advance analysis and recommend remediation steps for cybersecurity events and incidents.
  • Publish after-action reports, cyber defense techniques, guidance, and incident reports.
  • Respond to and assist with the resolution of any suspected or successful cybersecurity breach or violation.
  • Share knowledge and intelligence gained from cybersecurity events with stakeholders.
  • Assist with training junior level analysts.
  • Perform analysis of network and host logs.
  • Perform network searches, artifact collection and timeline analysis using a variety of EDR tools.
  • Share in-depth knowledge and intelligence gained from cybersecurity events with stakeholders.
  • Protect against and prevent potential cybersecurity threats and vulnerabilities.
  • Assist in the development and implementation of training programs for malware analysts.
  • Review, draft, edit, update, and publish cyber incident response plans.

Qualifications: Basic Requirements

  • Bachelors degree and 12 years of relevant experience.
    • An additional 4 years of work experience will be considered in lieu of degree.
  • Ability to resolve highly complex malware and intrusion issues using computer host analysis, forensics, and reverse engineering.
  • Ability to recommend sound counter measures to malware and other malicious type code and applications which exploit customer communication systems.
  • Has knowledge in development of policies and procedures to investigate malware incidents for the entire computer network?
  • Experience with Debuggers, Disassemblers, Unpacking Tools, and Binary analysis tools.
  • Experience with static and dynamic malware analysis tools and techniques.
  • Ability to identify remediation steps for cybersecurity events.
  • Experience with Splunk and EDR tools such as Microsoft Defender for Endpoint (MDE), Tanium.
  • Ability to analyze a variety of Operating System log types.
  • Experience in the development of policies and procedures to investigate malware incidents for the enterprise network.
  • Knowledge of IOCs and APT threat actors.
  • Knowledge of the Incident Response Lifecycle.
  • Knowledge of host and network forensic analysis.
  • Demonstrated strong organizational skills.
  • Proven ability to operate in a time sensitive environment.
  • Proven ability to communicate orally and written; ability to brief (technical/informational) senior leadership.
  • Experience collaborating with cross functional teams.
  • Experience with static and dynamic malware analysis tools and techniques.
  • At least ONE of the following as an active certification:
    • CASP+ CE, CCISO, CCNA Cyber Ops, CCNA-Security, CCNP Security, CEH, CFR, CISA, CISM, CISSP (or Associate), CISSP-ISSAP, CISSP-ISSEP, Cloud+, CySA+, GCED, GCIA, GCIH, GICSP, GSLC, SCYBER.
  • U.S. citizenship required
  • An active Interim Top Secret security clearance w/ SCI eligibility.

Preferred Qualifications:

  • Understanding of Security Operations Center processes and workings.
  • Experience with ServiceNow Ticketing Software.
  • Experience in the development of policies and procedures to investigate malware incidents for the enterprise network.
  • Experience handling state and national level intrusions.
  • Demonstrated ability to utilize and leverage forensic tools to assist in determining scope and severity of a cybersecurity incident.
  • Knowledge of high- and low-level programming.
  • Experience in developing and delivering comprehensive training programs.

About Us

Cyber Management International Corp. (CyberMGT) is a rapidly growing Service-Disabled Veteran Owned Small Business (SDVOSB) providing all aspects of IT Management from strategy & design to engineering & development, through transition to operations & maintenance, with a focus on security throughout. Information Management is vital to our customers’ success… keeping it flowing and keeping it safe is our mission! We offer excellent compensation & benefits, and opportunities for a successful career. Come join us as we grow!

For more information about our company, please visit www.cybermgt.com or email us at recruiting@cybermgt.com 

To apply for this job email your details to gavallask@cybermt.com