Cyber Forensics and Malware Analyst (CFMA) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Leidos · 5 hours ago

Cyber Forensics and Malware Analyst (CFMA)

positionAshburn, VA
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$108K/yr - $195K/yr
date8+ years exp

Leidos is seeking an experienced Cyber Forensics and Malware Analyst (CFMA) to join their team on a highly visible cyber security project. The role involves performing remote compromise assessments, conducting malware analysis, and leading efforts to improve network security operations.

ComputerGovernmentInformation ServicesInformation TechnologyNational SecuritySoftware
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Help define requirements and identify gaps for performing remote compromise assessments
Perform as a senior analyst and liaison between the customer and ESOC while performing remote assessments
Conduct malware analysis using static and dynamic methodologies (e.g. debuggers [Ollydbg], disassembler [IDA Pro], sandbox execution, etc.)
Produce malware reports to disseminate to the watch floor and enterprise
Capture forensic artifacts such as memory and disk images
Work with the SIEM team to implement, enhance, or change existing use cases
Pivot on the forensic data working with the Cyber Threat Intelligence team to determine if the malware is part of a larger campaign, how DHS is being targeted and take any further remediation required
Lead remote compromise assessments and produce final assessment report
Perform live box and dead box forensics to identify compromise and attack vector
Provide input for NOSC improvement and identify visibility gaps for enterprise monitoring
Deploy and configure network sensors (Suricata), manage Linux VMs (Security Onion, Ubuntu, CentOS), and maintain a small network
Potentially travel to other DHS locations (1-3 times/year) to support Incident Response investigations
Develop and maintain SOPs and ROE templates

Qualification

Malware analysisDigital media forensicsIncident responseCyber threat intelligenceNetwork security toolsForensic artifact captureLinux VM managementThreat Intel FrameworksCloud forensicsPythonBashVisual BasicPowerShellSoft skills

Required

The candidate must currently possess a Top Secret/SCI Clearance with ability to obtain a DHS Entry on Duty (EOD) clearance
BS in IT related field and 8-12 years' experience in an IT field, or MS in IT related field and 8+ years' experience in an IT Field, with a minimum of eight (8) years of professional experience in incident detection and response, malware analysis, or cyber forensics
Of the eight (8) years of professional experience requirements above, Cyber Forensics and Malware Analyst candidates shall have at least one (1) of the following specialized experience for their position: Digital Media Forensics Analyst: Candidates shall have a minimum of five (5) years of professional experience performing digital media forensic analysis, static malware code disassembly/analysis, and/or runtime malware code analysis
Incident Response Analyst: Candidates shall have a minimum of five (5) years of professional experience responding to information system security incidents. Ability to use the DHS furnished toolset to identify and determine root causes of incidents and provide any required documentation and possible evidence to security investigators
Must have at least one of the following certifications: CASP+ CE, CCNP-Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP

Preferred

Experience in supporting malware analysis and forensics in cyber operations, and/or federal law enforcement
Understand and utilize Threat Intel Frameworks (e.g. Cyber Kill Chain, MITRE ATT&CK, Diamond Model)
Network tool (e.g. network tap, IDS sensors, etc) configuration for on-site assessment
Hands-on experience with EnCase, FTK, EDRs (CrowdStrike, Trellix Tanium), Volatility, Security Onion, Suricata, Gigamon, VMWare ESXi, Splunk
Signature (e.g. Snort, Yara, Suricata) development/tuning
Expert knowledge in host-based analysis/forensics
Proficient in performing timeline analysis and extracting artifacts from digital media
Experienced reverse engineering and analyzing malware and developing a malware analysis report
Ability to perform in-depth network forensics
Develop and implement hunt methodologies for fly away assessments and for the SOC
Proficient in one more of the following computer languages Python, Bash, Visual Basic or PowerShell to support cyber threat detection or reporting
Extensive knowledge about network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc.)
Experienced with network topologies and network security devices (e.g. Firewall, IDS/IPS, Proxy, DNS, WAF, etc.)
Proficient working in a Windows and Linux operating system
Experience with cloud forensics (e.g. AWS or Azure environments)

Company

Leidos

twittertwittertwitter
Glassdoor3.9
company-logo
Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health.
dateFounded in 1969
location
Reston, Virginia, USA
people-size10001+ employees
web-link
https://www.leidos.com/

Funding

Current Stage
Public Company
Total Funding
unknown
2025-02-20Post Ipo Debt
2013-09-17IPO

Leadership Team

leader-logo
James Carlini
Chief Technology Officer
linkedin
leader-logo
Theodore Tanner
Chief Technology Officer
linkedin

Recent News

Fortune
Fortune 500 Power Moves: Which executives gained and lost power this week
2025-12-20
MarketScreener
Leidos Names Theodore Tanner Chief Technology Officer
2025-12-16
Benzinga.com
Citigroup, Leidos Holdings And More On CNBC's 'Final Trades'
2025-12-16
Company data provided by crunchbase