Computer Forensic/


Advanced Persistent Threat (APT) Support


 

  • Develop a world-class Media Malware Analysis laboratory with associated documents, TTPs, and SOPs
  • Analyze malware utilized in intrusions
  • Perform dynamic and static analysis and reverse engineering of intrusion artifacts
  • Develop, obtain government approval, and release analysis findings in technical analysis reports.
  • Identify unique indicators, TTPs, patterns, or heuristics from malware artifacts for the development of detection and mitigation strategies
  • Collaborate with anti-virus vendors for malware submissions to aid vendor anti-virus updates.
  • Extract malicious files from digital media and sources
  • Identify, analyze, and document actions taken by malicious actors who gain unauthorized access to information systems
  • Determine sophistication, priority, and threat level of identified malware
  • Examine media and malware analysis reports and operational reporting from events/incidents to correlate similar events, tradecraft, and TTPs of malicious activity
  • Develop metrics and trending/analysis reports of malicious activity used to compromise the component networks
  • Develop, document, and convey operational requirements for the development, procurement, or implementation of media, malware analysis capabilities such as the Joint Malware Catalog (JMC) and Joint Indicator Database(JID)
  • Develop and conduct update briefs, presentations, and papers to organizational leadership to ensure situational awareness and status are conveyed related to the assigned project areas
  • Conduct log and system analysis for various system and network capabilities to include routers, Windows, and UNIX
  • Update shared situational awareness mechanisms to include websites, Wikipedia style solutions, and collaboration / chat mechanisms