Cybersecurity Research Engineer

Accenture Federal Services•Fort Meade, MD

About The Position

Accenture Federal Services is seeking mission-oriented people to join our team. We are looking for experienced DoD Cyber Security Engineers to join our team and work with our client(s) to support the planning, development, execution and analysis of full spectrum cyber operations. The Work: Perform malware analysis and incident handling. Draft and implement security incident response policies. Analyze malware discovered in DoD intrusions; perform dynamic and static analysis and reverse engineering of intrusion artifacts. Develop and release Government-approved analysis findings in technical analysis reports. Identify unique indicators, TTPs, patterns, or heuristics from malware artifacts for the development of detection and mitigation strategies. Collaborate with anti-virus vendors for malware submissions to aid vendor anti-virus updates. Extract malicious files from digital media and sources. Identify, analyze, and document adversarial activities to gain unauthorized access to DoD systems. Develop an analysis and recommendation report, determining sophistication, priority, and threat of identified malware. Examine media and malware analysis reports and operational reporting from DoD incidents to correlate similar events, tradecraft, and TTPs of malicious activity. Develop metrics and trending/analysis reports of malicious activity used to compromise the DODIN, U.S. Government, and allies. Develop and conduct update briefs, presentations, and papers to leadership to ensure situational awareness and status are conveyed related to the assigned project areas. Conduct log and system analysis for various system and network capabilities, to include routers, Windows, and UNIX. Update DoD shared situational awareness mechanisms to include customer websites, Wikipedia-style solutions, and collaboration/chat mechanisms. Identify new security vulnerabilities, analyze behavior of malicious code, research open-source data, document host/network signatures, and develop mitigation and remediation strategies. Deliver Message Digest 5 (MD5) hash updates. Validate, update, post, and maintain MD5 hash list for signature repository. Conduct analyses on the lifecycle of adversary anatomy of cyber attacks and the associated tools, malware, and encryption mechanisms utilized. Identify patterns in reported compromises and identify additional compromises as part of the same incident. Craft policy, guidance, and procedures in the execution of the Global Malware Exploitation Center and its associated POA&Ms from both capability solution and governance perspectives.

Requirements

Bachelor’s Degree in a technical or business discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline or equivalent 5 years of direct experience
Experience in languages such as C, C++, Python, Assembly, and/or Java
Expertise with tools like IDA Pro, Ghidra, OllyDbg, x64db, or similar
Must have an active TS/SCI security clearance

Responsibilities

Perform malware analysis and incident handling.
Draft and implement security incident response policies.
Analyze malware discovered in DoD intrusions; perform dynamic and static analysis and reverse engineering of intrusion artifacts.
Develop and release Government-approved analysis findings in technical analysis reports.
Identify unique indicators, TTPs, patterns, or heuristics from malware artifacts for the development of detection and mitigation strategies.
Collaborate with anti-virus vendors for malware submissions to aid vendor anti-virus updates.
Extract malicious files from digital media and sources.
Identify, analyze, and document adversarial activities to gain unauthorized access to DoD systems.
Develop an analysis and recommendation report, determining sophistication, priority, and threat of identified malware.
Examine media and malware analysis reports and operational reporting from DoD incidents to correlate similar events, tradecraft, and TTPs of malicious activity.
Develop metrics and trending/analysis reports of malicious activity used to compromise the DODIN, U.S. Government, and allies.
Develop and conduct update briefs, presentations, and papers to leadership to ensure situational awareness and status are conveyed related to the assigned project areas.
Conduct log and system analysis for various system and network capabilities, to include routers, Windows, and UNIX.
Update DoD shared situational awareness mechanisms to include customer websites, Wikipedia-style solutions, and collaboration/chat mechanisms.
Identify new security vulnerabilities, analyze behavior of malicious code, research open-source data, document host/network signatures, and develop mitigation and remediation strategies.
Deliver Message Digest 5 (MD5) hash updates. Validate, update, post, and maintain MD5 hash list for signature repository.
Conduct analyses on the lifecycle of adversary anatomy of cyber attacks and the associated tools, malware, and encryption mechanisms utilized.
Identify patterns in reported compromises and identify additional compromises as part of the same incident.
Craft policy, guidance, and procedures in the execution of the Global Malware Exploitation Center and its associated POA&Ms from both capability solution and governance perspectives.