Millennium Corporation

Exploit Developer / Reverse Engineer

Job Locations US-AL-Huntsville
Posted Date 12 hours ago(10/30/2020 4:09 PM)
Job ID
2020-1535

Overview

Millennium Corporation is hiring an Exploit Developer/Reverse Engineer for an opportunity based in Huntsville, AL. Candidate must hold at minimum an Active DoD Secret Clearance and be able to obtain a DoD Top Secret Security Clearance.

Responsibilities

The Exploit Developer/Reverse Engineer will: 

  • Analyze binaries and binary patches to develop tailored exploits
  • Analyze exploit proofs of concept (POCs) to determine suitability for use during red team operations
  • Develop and maintain a repository of functional exploits to support red team operations
  • Develop analysis processes and schemes for effectively ranking and prioritizing activities based on available resources and likelihood of success
  • Provide technical briefings on exploitation techniques, operating system security, and related topics

Qualifications

  • Active DOD Secret Clearance (higher level clearances also acceptable)
  • Bachelor’s Degree in Computer Science or a related discipline
  • 3 years’ experience in Reverse Engineering or Exploit Development
  • Expertise with C/C++ and Assembly
  • Experience with scripting languages such as Python and Ruby
  • Understanding of Windows Operating System Internals
  • Understanding of computer memory management (stack and heap) and memory management libraries and techniques
  • Understanding of anti-exploitation protections (Stack cookies, ASLR, DEP, EMET, etc)
  • Experience with IDA Pro, BinDiff, BinNavi, or similar binary analysis tools
  • Experience tailoring proof of concept (POCs) exploits from vulnerability sources (such as Exploit-db) for operational requirements
  • Experience with open source and commercial exploit subscription services
  • Ability to rapidly shift priorities based on operational requirements and resources

Preferred Qualifications

  • Experience in static and dynamic analysis of systems
  • Experience with Binary Instrumentation Frameworks (i.e. DynamoRIO, PIN)
  • Experience with fuzzing of binary applications, either through development of tailored fuzzing solutions, or through the use of fuzzing frameworks such as Sully and Peach
  • Experience presenting highly technical material to peers and technical customers
  • Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.

Business Development

  • Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.

Physical Requirements

  • Must be comfortable with prolonged periods of sitting at a desk and working on a computer.
  • Must be able to lift up to 10-15 pounds at a time.

Travel Requirements

  • Occassional travel may be required, as directed by client mission.

About Us

Millennium is a strategic management, cybersecurity and systems engineering firm – driven by results and focused on people as we help our customers achieve mission success. With a proven track record of performance with the Army, Navy, OSD, DHS and other agencies, Millennium is a uniquely qualified and committed partner to the Federal Government.  It is through our work that the U.S. military and government is able to identify, manage and defeat threats.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed