KEYW Corporation

Network Threat Support Specialist

1 month ago(12/15/2017 11:56 AM)
# of Openings
Posted Date
Intelligence Analyst
US-MD-Annapolis Junction


The Network Threat Support Specialist will perform analysis to support cyber operation. The NTSS will serve as a member of a computer network operations (CNO) intelligence team, focused on the threat to networked weapons platforms and US and DoD information networks. The NTSS will collaborate with analytical counterparts across the U.S. Intelligence Community; apply knowledge of threat environment, open-source tools, and current implementation of threat technologies in order to devise all-source analytic/collection strategies to pursue access and exploitation of targets of interest.




  • Provide malware first-look and triage analysis and signature development support to a 24x7 watch operations
  • Included are network forensics and malware analysis activities such as:  Setting up virtual machines in VMware, Capturing file system and memory changes of an operating (victim) host, identifying pattersn and comparing them to known malware patterns and TTPs (threats, tactics and procedures)
  • Very familiar with implant types and/or open source equivalents, i.e. various Trojan implants, BOTS, and malware stages
  • Determining hard-coded command and control node IP addresses/DNS names
  • Able to perform decode, de-obfuscation and SSL decryption steps with tools
  • Able to work in team environment with strong communication skills for working with both internal and external customers
  • Has an understanding of malware analyst customers within DOD and other Federal agencies.


Required Qualifications:

  • Bachelor's degree and/or equivalent formal military training with 6+ years of related experience
  • Work experience must include 4+ years of Intelligence analysis experience with the DoD/IC communities
  • Work experience with relevant analyst tools and databases
  • **Shift Work is Required**

Preferred Qualifications:

  • Wireshark/Ethereal (tcpdump)
  • Snort or YARA signature writing
  • Intrusion detection (various)
  • Forensics work at host, network, or software levels, penetration testing work, malware triage analysis, malware reversing, IDA Pro, MetaSploit, EnCase, Ollydebug, advanced Windows and Linux/Unix OS experience

Preferred Certifications:

  • CNDA
  • DoD Forensic Examiner and/or Network Intrusion Analyst, Security +, SSCP, Cisco CCNA (and other Cisco related network certs)

Clearance Requirement: This position requires a Top Secret/SCI security clearance, based on current background investigation (SBI), as well as the favorable completion of polygraph.  Clearance and polygraph processing will be completed by the U.S. Government.


KeyW is an EEO employer. We are committed to providing fair and equal employment consideration, regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status or disability.


How to Apply?

Please click apply on the right.


Recruiting Point of Contact:

Phyllis Kerr: 

About the Organization

KeyW is a pure-play national security solutions provider for the Intelligence, Cyber and Counterterrorism Communities' toughest challenges. We support the collection, processing, analysis and dissemination of information across the full spectrum of their missions. We employ and challenge more than 2,000 of the most talented professionals in the industry with solving such complex problems as preventing cyber threats, transforming data into intelligence and combating global terrorism.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share to your network!

Need help finding the right job?

We can recommend jobs specifically for you! Click here to get started.