WashingtonRecruiter Since 2001
the smart solution for Washington DC jobs

Exploit Development / Penetration Tester

Company: Northrop Grumman
Location: Fairfax
Posted on: November 22, 2021

Job Description:

Requisition ID: RCategory: Information TechnologyLocation: Fairfax - VA, United States of AmericaCitizenship Required: United States CitizenshipClearance Type: Top SecretTelecommute: Yes- May Consider Full Time Teleworking for this positionShift: 1st Shift (United States of America)Travel Required: Yes, 25% of the TimeAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.Northrop Grumman is seeking creative, skilled, and motivated Exploit Development / Penetration Tester security professional to join our Cyber Assessment Tiger Team in Fairfax, VA. The role is focused on vulnerability research, reverse engineering, and exploit development against Northrop Grumman's systems, products & services. CATT conducts full-scope vulnerability assessment, exploit development, and penetration testing against Space Systems, Aeronautics, Mission Systems, manufacturing and enterprise IT.To succeed, the team member must have an intense desire to exploit real production or R&D satellites, avionics, and weapons systems, and be knowledgeable in a wide range of security issues including various computing architectures, network comms protocols, programming languages and defenses.Position conducts network or software vulnerability assessments and penetration testing, utilizing reverse engineering techniques. It perform vulnerability analysis and exploitation of applications, operating systems, or networks. Also identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both functionality and intent of software systems. Resolves highly complex malware and intrusion issues. Contributes to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations. May prepare and presents technical reports and briefings. May perform documentation, vetting and weaponization of identified vulnerabilities for operational use.Responsibilities include:Code analysis & hardware/binary reverse engineering to identify functionality and vulnerabilities on hardware & software including avionics and embedded systemsEvaluate system security configurations for effectiveness and exploitation opportunitiesDevelop and execute complete adversarial cyber testing scenarios against components, applications, operating systems, or complete integrated systemsContribute to the design, development, implementation, and integration of Offensive Cyber Operations tools against platforms, payloads & systemsContribute to the design, development, implementation, and integration of system Cyber Survivability AttributesContribute to the preparation of technical reports and briefingsContinually improve the knowledge and capabilities of yourself & the greater teamThis position requires occasional travel within the continental United States, as well as international travel (up to 25% of the time). The individual will be required to work from Fairfax, VA during the interim phase of employment. However, some level of remote work may be supported after initial start period.NOTE- This Evergreen requisition does not necessarily represent an actual opening. However, this requisition may be used to consider candidates across multiple technical disciplines, and/or various levels, for our future hiring needs.Basic Qualifications:High School Diploma, or a GED, and 2 years of experience with Cyber Security, Red Team, Penetration Testing, or Exploit Development is requiredMust have software development to support penetration testing, including vuln dev, R/E tool modules, covert tunneling, scanning scripts, and passive collectionMust have 2 years of experience in at least three (3) of the following languages: C, C++, C#, Python, Ruby, Perl, Bourne/Bash, PowerShell, Visual Basic, VBScript, PHP, Javascript, HTMLMust be willing to travel domestically and internationally (up to 25% per year)Must have the ability to obtain, and maintain, a DOD Top Secret security clearance, as well as an SCI access level, as a condition of continued employment. Additional clearances may also be required for certain government programsPreferred Qualifications:The ideal candidate will have a BS degree in Software Development, Computer Engineering, Computer Science, or other similar STEM related degree, to include 9 years of experience in Cyber ProtectionTechnical computer/network knowledge and understanding of common computer hardware, software, networks, communications and connectivityExperience conducting full-scope assessments and penetration tests including: social engineering, server & client-side attacks, protocol subversion, physical access restrictions, and web application exploitationProficiency in the internal workings of either Linux, Unix, and/or Windows operating systemsExperience using scan / attack / assess tools and techniquesAbility and desire to learn additional Operating Systems, Computing Architectures, and Programming languagesDemonstrated experience in technical report writingTechnical certifications that support pen testing such as OSCP/OSCE/OSEE, GPEN/GXPNSoftware/hardware reverse engineering for vulnerability and exploit R&DRTOS experience (Integrity, Nucleus, VxWorks, etc.)PowerPC, ARM, Xilinx FPGA, RISCx, other hardware computing development experienceAssembly language experience (any current architecture/OS)TCP/IP MITM, spoofing, exploitation experiencePlatform communications protocol expertise (ARINC 429, MIL-STD-1553, Spacewire, etc.)Cryptanalysis and cryptosystem exploitation experienceIn depth understanding of layer 2-7 communication protocols, common encoding and encryption schemes and algorithmsUnderstanding of and experience either executing or defending against complex, targeted cyber threats to high-value systems and dataActive Top Secret, and/or SCI access with an SSBI completed within the past 4 years, is highly desirableSalary Range: 81700 - 188300Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit U.S. Citizenship is required for most positions.

Keywords: Northrop Grumman, Washington DC , Exploit Development / Penetration Tester, IT / Software / Systems , Fairfax, DC

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account