Jun 14, 2018

18016 Forensics / Malware Analyst

  • S4 Inc.
  • Sierra Vista, Fort Huachuca, AZ 85613, USA
Full-Time Other

Job Description

Job Title: Forensics / Malware Analyst

Location: Fort Huachuca, AZ

Clearance: Active/current Top Secret

Please note that you must be a US citizen to apply to this position

Certifications: DOD 8570 IAT Level III - Any ONE of the following would qualify: CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH

Education: BS in CS or an Information Technology Engineering

Experience: Minimum five (5) years demonstrated/practical hands-on experience performing forensics and malware analysis in a DoD network environment

LCAT: Forensics / Malware Analyst Requisition: AZ18016


Job Duties: The Forensics / Malware Analyst will examine malicious software / capabilities to identify the nature of the threat and collect, preserve and transfer forensic evidence of unauthorized access to a DoD networks.  

  • Reverse-engineer compiled executable code to examine how programs interact with their environment.
  • Analyze collected media for defensive cyber operations (DCO) value to understand adversary technical capabilities and Tactics, Techniques and Procedures (TTP) methods of employment.
  • Analyze the attack/exploit capability of malware, document, and catalog findings for future correlation).
  • Develop necessary procedures or scripts to identify such data.
  • Work and interact with other DCO professionals, with Law Enforcement and Counter Intelligence personnel, and intelligence professionals as a technical specialist to understand higher-level adversary capability.
  • Document, update and enhance processes and procedures by producing training materials, standards documents and reports.



  • Active/current Top Secret clearance
  • Minimum five (5) years demonstrated/practical hands-on experience performing forensics and malware analysis in a DoD network environment.
  • Possess exceptional knowledge, experience, and certifications with commercial computer forensic tools including but not limited to: EnCase Forensic, EnCase Enterprise / Cybersecurity, AccessData Forensic Tool Kit
  • Possess exceptional knowledge and experience with commercial binary analysis tools including but not limited to: IDA PRO disassembler, Ollydbg.
  • Be familiar with analysis tools to include IceSword, Procmon, Analyst Notebook, etc.
  • Be proficient and have experience with computer languages including but not limited to: Assembly, C, C++, Perl, Java, Python, etc.
  • Strong working knowledge and experience with all Windows OS platforms including but not limited to: Vista, Windows 7, Windows 8, 2K3 Server, 2K8 Server.
  • Working knowledge and experience with varying flavors of Unix/Linux platforms, and Apple based operating systems.
  • Possess strong experience with obtaining forensically sound images of, but not limited to, workstations, servers, laptops, flash devices, removable media, cell phones, RAID, virtual systems, etc.


This position may require shift work.


To apply to this position please go to www.s4inc.com and click on Careers to complete and an employment application and to upload your resume.


S4 Inc. offers competitive salaries and a comprehensive benefits package with 401(k), and universal time off.  We are an Equal Opportunity Employer-minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity. S4 participates in the E-Verify employment verification program.  If you are looking for a challenging and rewarding position, then we invite you to submit your resume including salary history/requirements.  Candidate selected must be able to obtain and maintain the security clearance required by the contract at all times


If you are an individual with a disability or a disabled veteran, and need a reasonable accommodation to apply to a position, please contact Michelle Sweeney, HR Manager, by phone at (781) 273-1600 or by email ataccommodation@s4inc.com.

For more information, or to apply now, you must go to the website below. Please DO NOT email your resume to us as we only accept applications through our website.




Security Clearance

NO Security Clearance

Apply Now