Northrop Grumman Cyber Forensic/Malware Specialist 3 in Quantico, Virginia

Cyber Forensic/Malware Specialist 3

Requisition ID: 18010185

Location(s): United States-Virginia-Quantico

US Citizenship Required for this Position: Yes

Relocation Assistance: No relocation assistance available

Travel: No

Northrop Grumman is seeking a Cyber Malware Analyst to join our team of qualified, diverse individuals in Quantico, VA. The qualified applicant will become part of the Malware and Forensic Cell supporting the cyber defense efforts of the MCCOG contract, responsible for providing cybersecurity solutions to the Marine Corps. The candidate will be a Malware and Forensic (MAF) Analyst responding to previously identified incidents occurring throughout the MCEN. The selected candidate should be skilled in surface and runtime analysis of malware, and be familiar with static and dynamic analysis techniques. They should be skilled in disk/drive image dissection processes outlined in CJCSM 6510.01B.

Resolves highly complex malware and intrusion issues using computer host analysis, forensics, and reverse engineering. Discovers, analyzes, diagnoses, and reports on malware events, files and network intrusion and vulnerability issues. Recommends counter measures to malware and other malicious type code and applications that exploit customer communication systems. Conducts reverse engineering for known and suspected malware files. Develops analysis and make recommendations for the purchase of hardware and or software that will mitigate malware intrusions. Develops policies and procedures to investigate malware incidents for the entire computer network. Assists in the development and delivery of malware security awareness products and briefings.

Roles and Responsibilities:

  • Support the transition of network defense configurations as informed by resolved incidents in order to prevent future occurrences. Data sources as well as analysis and response tools will evolve with changes in the Marine Corps; technical computing environment as well as by mandates from US Cyber Command.

  • Identify artifacts from host/file analysis to be used for protective measures on an enterprise network.

  • Document and present investigative findings via detailed analysis reports.

  • Conduct file analysis on system artifacts to derive Indicators of Compromise for signature development.

Must be able to work Monday-Friday, 8am - 4pm

Basic Qualifications:

  • Active Secret Clearance and Must be TS/SCI eligible.

  • Must be DoD 8570 Compliant at the IAT Level III; 1 of the following certifications required (CASP CE, CCNP Security, CISA, CISSP or Associate, GCED, GCIH), and have a Security CE certification, and Certified Ethical Hacker (CEH).

  • Familiarity with open source, custom or proprietary forensic and malware analysis tools.

  • Ability to perform both static and dynamic analysis of malware and suspect files.

  • Basic understanding of scripting and coding languages.

  • Bachelors degree with 5 years of experience. Experience will be considered in lieu of degree.

Preferred Qualifications:

  • Knowledge of CND policies, regulations and compliance documents specific to the DoD.

  • Understanding of functionality and capabilities of computer network defense technologies, to include: Router ACLs, Firewalls, IDS/IPS, Antivirus, Web Content Filtering.

  • Familiarity with Incident Handling Methodology performing work monitoring, analyzing, and recommending mitigation actions of events on the network.

  • Have an understanding of dead system (forensic) analysis of compromised or suspect hosts.

  • Intermediate understanding and management of sandbox environments to maintain system currency and reporting of file artifact properties.


Northrop Grumman Corporation is a leading global security company providing innovative systems, products, and solutions in unmanned systems, cybersecurity, C4ISR, and logistics and modernization to government and commercial customers worldwide.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative ActionEmployer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA statement, please visit . U.S. Citizenship is required for most positions.

Title: Cyber Forensic/Malware Specialist 3

Location: Virginia-Quantico

Requisition ID: 18010185