We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
TechSource jobs

Senior Software Developer, Red Team/Cyber Security (onsite)

TechSource
United States, Virginia, Fort Belvoir
8725 John J. Kingman Rd (Show on map)
Feb 07, 2025

Position Description

Join the Defense Threat Reduction Agency (DTRA) as a member of the elite DoD Red Team's newest component, the DTRA Cyber Assessment Red Team (DCART), where you will be at the forefront of assessing vulnerabilities and identifying risks to critical assets and missions. You will challenge protection strategies from an adversarial perspective, providing invaluable insights that drive mission assurance and be key to safeguarding our nation's security.

You will collaborate with top-tier DoD stakeholders, including the Joint Chiefs of Staff and Combatant Commanders, to deliver actionable intelligence that enhances our defense capabilities. Your work will involve both analytical and physical assessments, as well as contributing to the cutting-edge DTRA Cyber Assessment Red Team (DCART). By conducting comprehensive cyber assessments, you will help create a holistic view of adversarial threats, ensuring our national security remains robust and resilient.

This is your chance to make a tangible impact on national defense, working alongside dedicated professionals to prevent, protect, and mitigate threats to our nation's most critical operations. Join us and be part of a mission that truly matters.

May travel to support assessments CONUS and OCONUS (anticipated ~15%). Must be able to support assessments during non-standard duty hours, to include nights and weekends.

Job Description: The Senior Software Developer must have 3+ years as a software developer. They should be proficient in C and C# and BOFs and have 1+ years' experience in offensive capability development for Windows environments. They should have 1+ years' experience working in an agile/scrum environment.

  • Experience with C2 frameworks, especially Cobalt Strike
  • Experience with host-based computer forensics, network-based forensics, cyber incident response, cyber-criminal investigation, intrusion detection/analysis, designing countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities, cyber red teaming, network penetration testing, security operations center analysis, defensive cyber operations, or offensive cyber operations
  • Malware development, analysis, binary disassembly, binary decomplication, network/communication protocol analysis, software vulnerability research, or software exploit development
  • 3-5 years development industry experience
  • Experience in the development of Windows kernel modules
  • Strong familiarity with Windows Active Directory
  • Experience developing exploits, shellcode, and bypassing mitigations such as nonexecutable stack (NX) and ASLR as well as more advanced exploit mitigations
  • Strong familiarity with the Windows API/Win32 modules for tool development
  • Ability to conduct dynamic analysis as needed via debuggers
  • Expertise in AV/EDR evasion techniques
  • Top Secret SCI Clearance


Desired Skills/Certifications:


  • Must pass the DCART senior developer aptitude test before joining DCART as an Operator Senior Developer must pass the Junior Developer Aptitude Test (JDAT) and Senior Developer Aptitude Test (SDAT) to be eligible to support the contract. The JDAT exam will be administered remotely, and the candidate will have 60 minutes to complete. Proficiency will be tested on several topics, including but not limited to the following:
    • C language
    • Assembly language
    • Data structures
    • Win32 API knowledge
    • DevOps processes
    • Networking
    • Git
    • Agile methodology

  • In addition, the Senior Developer must achieve a satisfactory performance on the DCART SDAT. The exam will be administered remotely, and the candidate will have 60 minutes to complete. Proficiency will be tested on several topics, but an applicant will choose topics to demonstrate expertise in. These are including but not limited to the following:
    • Cobalt Strike Development Methodologies
    • Command and Control Design and Architecture
    • Kernel-level programming in Windows
    • Exploit development in x86
    • Operating systems concepts

Applied = 0
MORE JOBS LIKE THIS

(web-7d594f9859-68c9j)