Job Description

Lackland Air Force Base, San Antonio, TX, USA ? San Antonio, TX, USA Req #7121

Friday, February 7, 2025

STS Systems Support, LLC (SSS) is seeking a Sr. Forensic Malware Analyst to support our mission at Lackland AFB in San Antonio, TX.

Duties:

• Document all findings in the investigation/incident log. (CDRL A008)
• Track evidence inventory for intake and releasing to the forensics laboratory, ensuring proper handling and maintenance of evidence and chain of custody records with no more than a 5% error rate.
• Utilize forensic tools such as EnCase, FTK, FireEye, etc., and other systems as required.
• Conduct analysis of metadata and forensic examinations of digital media from various sources, including preservation, acquisition, and analysis of digital evidence to develop forensically sound evidence.
• Confirm malicious activity when new information is identified through forensic analysis.
• Investigate network and computer intrusions to identify root cause and generate indicators of compromise, documenting all findings in the investigation/incident log for each file.
• Perform memory forensics and malware reverse engineering of suspected malicious files to verify if system compromise occurred, documenting all findings and Indicators of Compromise (IOCs) in the investigation/incident log for each file.
• Perform Hard Drive Analysis of suspected/confirmed infected or exploited systems and document all findings in the investigation/incident log for each hard drive with no more than a 5% error rate.
• Develop methods to identify, contain, log, and analyze malware?based activities on AF AIS and networks. (A008)
• Provide support to AF network administrators on the installation and analysis of packet sniffers on their network topology, reporting the functionality status upon request.
• Generate forensic reports and synopses presenting complex technical processes and findings clearly and concisely to technical and non?technical audiences. (CDRL A008)
• Collaborate with leadership and external agencies, including Counter?Intelligence activities/agencies, OSI, FBI, and other security agencies, including Incident Responders and other forensic analysts.
• Provide AF OSI DCO technical support to law enforcement and counter?intelligence activities.
• Turn any investigation over to AF OSI if it is determined during the course of an investigation that a law was broken.
• Support and/or augment Incident Response deployment with same-day notice. This travel will allow responders to retrieve hard drives or miscellaneous storage media, isolate system(s) for additional investigation, and perform other on?site Incident Response actions.
• Set up a monitor or cage at the on?site location as needed.
• Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter to ensure efficient transition when personnel rotate.
• Provide requested forensic information to the operational flight commander as it relates to the Host Detection processes and procedures.

Requirements:

• Active TS/SCI
• More than five (5) years of experience as a Forensic Malware Technician.
• Experience performing forensic acquisition and examination of Windows, Unix/Linux, and Macintosh?based computers and servers.
• Strong skill in and understanding of the use of a variety of forensic tools (Access Data, FTK, Guidance EnCase; including mobility tools such as Axiom/BlackBag, Mobilyze/Cellebrite/Paraben, FTK, X?Ways Forensics, FireEye, Volatility, Sleuthkit, BlackBag tools) and various Open Source forensic tools.
• Shell Scripting is a plus.
• Experience writing intelligence and technical articles for production and dissemination.
• Very proficient in malware analysis, sandboxing, and software reverse engineering.
• Proficient experience with scripting languages such as Python and PowerShell.
• Extensive knowledge of the MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., Open Source projects). Required: SANS GCFA (or equivalent).
• GREM, GCTI and/or ACE certifications.

STS Systems Support, LLC (SSS) offers a competitive benefits package to include paid holidays, paid time off including sick and vacation leave, medical, dental and vision insurance, flexible spending accounts, short and long-term disability, company-paid life insurance, 401(k) with a company match, discretionary profit sharing, and tuition reimbursement.

SSS is an Equal Opportunity Employer. Employment decisions are made without regard to any protected category. Hiring preference will be given to BBNC shareholders, their spouses and descendants, and Alaska Natives in accordance with Public Law 93-638.

Job Tags

Similar Jobs