Job Descriptions

Use this tool to access job descriptions for your next hire. Search by skills or job titles and download the job description to help you get started. Tip: You can use this tool to help ensure your own resume is up-to-date with the latest job requirements.

You may search job titles by skills within selected career category
Information System Security Officer (ISSO)
Chief Information Security Officer (CISO)
Information Security (IS) Auditor
Security Architect
Security Automation Engineer
Secure Software Assessor
Cryptographer/Cryptanalyst
Information Systems Security Developer
Operational Technology Systems Analyst
Security Engineer
Supply Chain Security Analyst
Security Testing and Evaluation Specialist
Identity Management & Authentication Support Specialist
Encryption / Key Management Support Specialist
Data Privacy Specialist
Cybersecurity Operations Technician
Cybersecurity Incident Responder
Cybersecurity Malware Specialist Digital Forensics Analyst
Cybersecurity Operations Analyst
Vulnerability Assessment Analyst
Information Systems Security Manager - Cybersecurity Operations
Threat Hunter
Cybersecurity Operational Technology Incident Responder
Penetration Tester
Data Scientist (AI)
Machine Learning Engineer
Computer Vision Engineer
Automation Process Engineer
IT Service Manager
Systems Engineer
Full Stack Developer
Front End Developer
User Interface Designer
User Experience Designer
Software Engineer
Programmer
Systems Analyst
Developer
Data Engineer
Data Scientist (Tech)
Data Analyst
Project Manager
Technical Recruiter
Product Manager
Social Media Manager
Business Analyst
Policy Analyst
Learning and Development Specialist
Architectural Designer
IT Author / Technical Writer
Cognitive Copywriter
Clinical Researcher / Coordinator
Legal Compliance Officer
IT Auditor
Deep Learning Engineer
Robotics Process Analyst
IT Program Manager
IT Procurement Officer
Network and Systems Administrator
Web Developer
Systems Architect
Online/Digital Learning Developer
Human Resources Analyst
Medical Coder/Programmer
Tech Sales and Customer Service
Business Intelligence Analyst
Graphic and Animation Designer
Digital Marketing / Communications

Cybersecurity Malware Specialist

PROTECT & DEFEND

Skills

Job Description

Other Titles Include

  • SOC operator
  • Cyber security operator
  • Infrastructure Security Analyst
  • Network Security Analyst
  • Network Security Administrator
  • Data security analyst

Note: This role is most commonly found in large or medium-sized organizations.

Reporting relationship

To be completed by the user of this job description as appropriate.

Job purpose / summary

Front-line cyber security operations center operator responsible for monitoring and maintaining IT security devices and is often responsible for initial detection, incident response and mitigation

Duties and responsibilities

  • Identify and analyze technical threats to, and vulnerabilities of, networks
  • Identify, contain, conduct initial mitigations and report system compromises
  • Review, analyze, and/or apply internet security protocols, cryptographic algorithms, directory standards, networking protocols, network hardening, technical IT security controls, IT security tools and techniques, OS, intrusion detection/protection systems, firewalls, routers, multiplexers and switches, and wireless devices
  • Analyze security data and provide alerts, advisories and reports
  • Install, configure, integrate, adjust, operate, monitor performance, and detect faults on security devices and systems
  • Conduct impact analysis for new software implementations, major configuration changes and patch management
  • Develop proof-of-concept models and trials for IT security products and services
  • Troubleshoot security products and incidents
  • Design/develop IT Security protocols
  • Complete tasks related to authorization and authentication in physical and logical environments
  • Develop options and solutions to meet the security-related project objectives
  • Identify the security products and its configuration to meet security-related project objectives
  • Implement and test configuration specifications
  • Develop configuration and operational build books
  • Review, develop and deliver relevant training material

Tools and Technologies

  • Incident management processes and procedures
  • Defensive systems including firewalls, anti-virus software and systems, intrusion detection and protection systems, scanners and alarms
  • Security event and incident management systems and/or incident reporting systems and networks

Competencies

In larger SOCs there may be the opportunity to progress from Cybersecurity Operations Analyst to Malware Specialist. 

The following KSA are applied at a basic level:

  • Network security administration and management
  • Network security architecture
  • Hardware and firmware security
  • Software defined security and application security
  • Virtualization and VPN security
  • Virtualization
  • Cloud-based security
  • Wireless/mobile device security
  • IT security zoning
  • Encryption and cryptography including key management concepts and principles
  • Vulnerability scanning and analysis
  • Vulnerability management tools, processes and procedures
  • Web application security
  • Configuration and operational build books
  • System acquisitions and projects
  • Legal and ethical responsibilities associated with cyber security operations including conduct of investigations, privacy, and preservation of evidence
  • Writing and briefing on technical matters (e.g. incident reports, technical reports, etc.) for managerial level understanding

The following KSA are applied at an advanced level:

  • Network security appliance concepts, operation and configuration (equipment specific based on role - network, server and desktop cyber defence systems and/or appliances)
  • Types of intrusions and indicators of compromise (IoCs)
  • Sources of threat information
  • Common threat actor tactics, techniques, and procedures (TTPs)
  • Incident management processes, responsibilities and authorities
  • Intrusion detection and prevention methodologies, tools and systems
  • Intrusion analysis and mitigation techniques
  • Basic malware analysis

For Tier II Analyst - Malware specialist

The following KSA are applied at an advanced level. All of the above plus:

  • Persistent and sophisticated threat TTPs
  • Cyber defence tools, techniques and procedures
  • Development and testing of network security appliances (including scripts and coding).
  • Advanced malware analysis and reverse mal-ware engineering
  • Implementing advance security controls in response to advanced persistent threats
  • Advanced incident response and recovery activities

Qualifications

Education. College diploma in IT field with specialization in IT/cyber security, network security or similar or equivalent training and experience. 

Certifications. Cybersecurity operations training with industry-level certification in related field (e.g. security operations, network security, threat detection and mitigation, security appliance operations). More advanced training required for Malware Specialists.

Other relevant qualifications.

To be completed by the user of this job description as appropriate

Key Attributes.

To be completed by the user of this job description as appropriate

Experience. Initial experiential requirement is to have been successful working in an IT environment and technical team setting.

Working conditions (if required)

If the job requires a person to work in special working conditions this should be stated in the job description. Special working conditions cover a range of circumstances from regular evening and weekend work, shift work, working outdoors, working with challenging clients, and so forth.

Physical requirements (if appropriate)

If the job is physically demanding, this should be stated in the job description. A physically demanding job is one where the incumbent is required to stand for extended periods of time, lift heavy objects on a regular basis, do repetitive tasks with few breaks, and so forth.