Forensics Malware Analyst / Reverse Engineer (Cleared)

Clearance: Ability to obtain and maintain TS/SCI

Work Environment: Secure / Classified Programs

We are seeking a highly skilled Forensics Malware Analyst / Reverse Engineer to support advanced digital forensics and cyber threat analysis efforts on classified programs. This role focuses on reverse engineering malicious software, conducting in-depth forensic analysis of compromised systems, and uncovering adversary tactics, techniques, and procedures (TTPs).

The ideal candidate brings a strong blend of malware analysis, reverse engineering, and digital forensics experience and thrives in highly technical, mission-driven environments. Candidates must be able to obtain and maintain a TS/SCI clearance.

Conduct static and dynamic malware analysis to determine functionality, intent, and impact

Perform reverse engineering of binaries to uncover persistence mechanisms, exploit behavior, and obfuscation techniques

Execute host-based and memory forensics on compromised systems

Analyze artifacts such as registry changes, file system modifications, memory dumps, and logs

Identify and document indicators of compromise (IOCs) and attack chains

Correlate forensic findings with threat intelligence and adversary TTPs

Develop scripts, tools, or automation to support malware and forensic analysis efforts

Produce clear, detailed technical reports and brief findings to stakeholders

Support incident response and post-exploitation analysis on classified networks

Stay current with emerging malware families, forensic methodologies, and reverse engineering tools

Bachelor’s degree in Computer Science, Cybersecurity, Computer Engineering, or a related technical field (or equivalent experience)

Hands-on experience in malware analysis, reverse engineering, and/or digital forensics

Strong understanding of Windows and/or Linux internals

Proficiency with reverse engineering and forensic tools such as:

Ghidra, IDA Pro, Binary Ninja

x64dbg, WinDbg, Volatility, Autopsy

Experience with x86/x64 assembly and low-level debugging

Proficiency in scripting or programming (Python, C/C++, or similar)

Understanding of common malware techniques including packing, encryption, obfuscation, and anti-analysis methods

Prior experience supporting DOD, Intelligence Community, or federal cyber programs

Experience with memory forensics and live response

Familiarity with network forensics and PCAP analysis

Experience analyzing APT or nation-state malware

Kernel-mode, firmware, or embedded system reverse engineering experience

Active TS/SCI clearance

Work performed in a secure, classified environment

Highly technical, mission-critical role supporting national security

Collaboration with elite cyber, intelligence, and engineering teams

#LAT