Today
Top Secret/SCI
Mid Level Career (5+ yrs experience)
IT - Security
Washington, DC (On-Site/Office)
Job Title: Malware Analyst
Location: Washington, D.C. Metro Area (Onsite)
Clearance Requirement: Active Top Secret (TS) with SCI eligibility preferred
Position Summary:
Magnus Management Group LLC is seeking a highly skilled Malware Analyst to provide deep malware analysis and reverse engineering support aligned with our client's active incident response (IR) operations and evolving cybersecurity priorities. This position is mission-critical and will require an advanced understanding of malicious code behavior, exploitation tactics, and threat actor tactics, techniques, and procedures (TTPs). The successful candidate will work under government supervision and collaborate with multidisciplinary cyber response teams to produce actionable technical reports and threat intelligence.
Key Responsibilities:
Perform in-depth malware analysis and reverse engineering of binaries, scripts, and documents to determine their functionality, origin, and impact.
Utilize government-furnished tools (e.g., IDA Pro, Ghidra, x64dbg, Wireshark, Cuckoo Sandbox, Volatility) to support forensic evaluation.
Support active incident response operations by analyzing malware and providing rapid assessments to stakeholders within the Threat Hunting and IR teams.
Author detailed technical reports that describe malware behavior, persistence mechanisms, command-and-control protocols, exploitation vectors, and recommended mitigation strategies.
Conduct static and dynamic analysis in isolated environments to safely evaluate malicious samples.
Identify network and host-based indicators of compromise (IOCs) and assist in developing YARA/Snort/Suricata detection signatures.
Collaborate with threat intelligence teams to enrich malware analysis results with broader context on adversary infrastructure and capabilities.
Research and stay abreast of emerging malware families, vulnerabilities, and novel exploitation techniques used by threat actors.
Participate in threat hunts and detection engineering efforts to improve the client's proactive defense posture.
Required Qualifications:
U.S. Citizenship is required.
Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent practical experience).
5+ years of hands-on experience in malware analysis, digital forensics, or reverse engineering.
Deep familiarity with x86/x64 assembly, C/C++, Python, PowerShell, and scripting languages used in malware.
Experience using reverse engineering tools such as IDA Pro, Ghidra, OllyDbg, x64dbg, etc.
Proficiency with dynamic analysis environments (e.g., Cuckoo, Joe Sandbox, FLARE VM).
Strong understanding of Windows and Linux internals, file systems, memory structures, and common exploitation techniques.
Ability to author clear, concise, and technically accurate documentation and reports.
Preferred Qualifications:
Relevant certifications such as GREM, OSCE, GXPN, or CEH Practical.
Experience supporting federal cybersecurity programs or critical infrastructure defense.
Familiarity with MITRE ATT&CK Framework, STIX/TAXII, and structured threat intelligence.
Prior experience with threat hunting or supporting incident response teams.