Millennium Corporation

Exploit Developer/Reverse Engineer (Remote)

Job Locations US-AL-Huntsville
Posted Date 2 days ago(7/2/2020 2:33 PM)
Job ID
2020-1535

Overview

Millennium Corporation is hiring an Exploit Developer/Reverse Engineer for an opportunity that is 100% remote based. Candidate must hold at minimum an Active DoD Secret Clearance and be able to obtain a DoD Top Secret Security Clearance.

Responsibilities

The Exploit Developer/Reverse Engineer will: 

  • Analyze binaries and binary patches to develop tailored exploits
  • Analyze exploit proofs of concept (POCs) to determine suitability for use during red team operations
  • Develop and maintain a repository of functional exploits to support red team operations
  • Develop analysis processes and schemes for effectively ranking and prioritizing activities based on available resources and likelihood of success
  • Provide technical briefings on exploitation techniques, operating system security, and related topics

Qualifications

  • Active DOD Secret Clearance (higher level clearances also acceptable)
  • Bachelor’s Degree in Computer Science or a related discipline
  • 3 years’ experience in Reverse Engineering or Exploit Development
  • Expertise with C/C++ and Assembly
  • Experience with scripting languages such as Python and Ruby
  • Understanding of Windows Operating System Internals
  • Understanding of computer memory management (stack and heap) and memory management libraries and techniques
  • Understanding of anti-exploitation protections (Stack cookies, ASLR, DEP, EMET, etc)
  • Experience with IDA Pro, BinDiff, BinNavi, or similar binary analysis tools
  • Experience tailoring proof of concept (POCs) exploits from vulnerability sources (such as Exploit-db) for operational requirements
  • Experience with open source and commercial exploit subscription services
  • Ability to rapidly shift priorities based on operational requirements and resources

Preferred Qualifications

  • Experience in static and dynamic analysis of systems
  • Experience with Binary Instrumentation Frameworks (i.e. DynamoRIO, PIN)
  • Experience with fuzzing of binary applications, either through development of tailored fuzzing solutions, or through the use of fuzzing frameworks such as Sully and Peach
  • Experience presenting highly technical material to peers and technical customers
  • Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed