Millennium Corporation

  • Red Team Software Developer

    Job Locations US-AL-Huntsville
    Posted Date 1 day ago(11/16/2018 10:56 AM)
    Job ID
    2018-1205
  • Overview

    Millennium Corporation is hiring a Red Team Software Developer in Huntsville, AL. Qualified candidate must have an active Top Secret/SCI Clearance.

    Responsibilities

    Qualified candidate will perform software development functions in support of customer’s Red Team mission to effectively portray opposition force Computer Network Attack, Computer Network Exploitation, and Computer Network Defense. Candidate will be responsible for defining requirements and developing software solutions to those requirements based on observed and supplied feedback from Red Team events. Candidate will maintain proficiency in Red Team operations through occasional support and/or observations of Red Team events. Will supports mission and training events by creating new technical and non-technical solutions using an interdisciplinary approach to actively, and passively expose and exploit information system vulnerabilities.

     

    Specific duties include: Exploitation and vulnerability research, tool design and development (software/application/scripting/coding), support of Red Team operations, test lab configuration and administration, and other duties as assigned.

     

    Candidate must maintain minimum required professional certifications to meet DoD 8570 requirements.  Candidate will attend or otherwise support various training events, conferences, exercises, and demonstrations to ensure continued compliance with team member certification requirements to enhance technical capabilities, and to support authorized missions and test events. Less than 25% travel is required.

     

     Specific Requirements/Job Description:

    • Ability to program and script in various languages, including (but not limited to): C/C++, C#, Python, Ruby
    • Experience with network and security related protocols
    • Experience in using network protocol analyzers and sniffers, as well as ability to decipher packet captures
    • Excellent independent (self-motivational, organizational, personal project management) skills
    • Excellent problem solving methodology, ability to break nebulous problems down into concrete tasks and execute those tasks to develop solutions
    • Proven ability to work effectively with management, staff, vendors, and external consultants
    • Ability to think outside the box and emulate adversarial approaches
    • Capable of conducting pentests on applications, systems and network utilizing proven/formal processes and industry standards.
    • In depth understanding of emerging threats, vulnerabilities, and exploits
    • CEH/CISSP, or ability to obtain within 6 months of hire

     

     

     

     

    Desired Skills:

     

    Specific experience using a wide variety of open source and COTS tools to include those found on SecTools.Org: Top 125 Network Security Tools (http://sectools.org/). The ideal candidate will have Subject Matter Expertise in at least 3 of the following areas:

    • *nix (including Linux, BSD, Solaris, or HPUX)
    • Windows (including Windows NT, 2000, XP, 2003, 2007, Windows 7, Windows 8, 2012, Windows 10)
    • Programming / Scripting (PowerShell, Python, Perl, Ruby, PHP, JavaScript, VBscript, C/C++, .NET, Assembly)
    • Reverse Engineering / Disassembly (IDA Pro, SoftICE, OllyDBG, etc.)
    • Experience with exploitation concepts (stack- and heap-based buffer overflows, heap sprays, DEP and ASLR bypass/mitigation techniques, etc.)
    • Patch Reversing and binary differential analysis
    • Static and dynamic analysis of binaries and related vulnerability discovery techniques
    • Network Protocols ( OSPF, HSRP, EIGRP, BGP, TCP/IP, 802.1x, IPSec, Radius, TACACS+, etc.)
    • Ability to conduct secure code analysis manually or using SCA software
    • Familiarity with Operating System libraries (Win32 Native API, Linux API)

    Qualifications

    Must Haves:

     

    Significant Skills Required:

    • SPECIALIZED experience performing software development focused on offensive security, i.e. Red Teaming, penetration testing or Computer Network Operations. Familiarity with common penetration testing tool sets to include: reconnaissance/enumeration, exploitation, and post exploitation frameworks.

    Minimum Skills Required:

    • Specialized experience in Red Teaming, CNA, CNE and/or CND.
    • Ability to independently and rapidly develop tools from concept to production in a high-stress, short deadline, under-resourced environment using multiple programming languages including Python and C/C++.

    Required Education / Certification / Contingencies:

    • Bachelors in Computer Science/Management of Computer Information/Information Assurance or Security. Experience may be substituted for degree. Specific CNO related Skills and Education (i.e. SANS, Sys admin, or other CNE, CNA, CND courses, etc.).

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed