To become a great malware analyst, do I need to know how to read assembly language or actually know how to program in assembly language. Kind of the same question for C++ as well ?
It all boils down to what you want to do at the end of the day. Understanding Assembly helps and you WILL NEED to understand enough for performing static analysis however, the reality is... Unless you're doing it at the hobbyist level, most of the times you wouldn't need to go that far and I will explain why...
When malware infects an environment, the goal is often containment, eradication and analysis. For the most part, containment and eradication come first followed by analysis. In many arenas, you won't need to go that far in depth into analyzing from a reversed perspective. When you DO need to go this route, it is usually because something was specifically targeting you. Reversing on this scale is EXTREMELY time consuming.
Large companies and many in the gov/mil space use tools like Norman Sandbox, FireEye, etc., this drastically reduces the amount of time an analyst will spend on these things. You need to remember, time is ALWAYS money at the end of the day. So unless you can beat a machine, you're up poop's creek trying to race some of these sandboxes.
Most of the things I do when reversing come from a hybrid analysis perspective. Meaning I am performing both static and dynamic analysis' and comparing the differences. Its rare that I will go as far as dumping something in IDA pro as it is not going to yield me anything I couldn't obtain otherwise. I am not making an AV/AntiMalware signature, so little is to be gained from reversing where I can simply throw a memory dump into strings and find the same data.
So, to answer your question... You should learn Assembly for the sake of understanding as much as you can since it obviously helps however, you DO NOT NEED to learn Assembly from a programmers perspective to be a good malware analyst most times. (NOTE THE WORD MOST TIMES) It all boils down to your environment.