Oak Grove Technologies
Software Exploit Developer (Red Team Operator)
Oak Grove Technologies, Fort Belvoir, Virginia, United States, 22060
Software Exploit Developer (Red Team Operator)
Location
US-VA-Fort Belvoir
Job ID
2024-3132
# Positions
2
Experience (Years)
7
Category
Information Technology - All Openings
Overview
Oak Grove Technologies has an exciting opportunity for a Software Tool Development Senior supporting the Defense Threat Reduction Agency's (DTRA) Advance Red Cyber program in executing Red Team Assessments. Red Teams perform assessments from an adversarial viewpoint and use the full spectrum of identified adversarial capabilities, limited only by restrictions mandated by the customer and legal, safety, and security constraints, to test and evaluate protection strategies and demonstrate exploitation of identified vulnerabilities. The Software Tool Developer Junior will have the opportunity to create new and innovative tools for Red Cyber team Operators to use in cyber assessment operations of U.S. Government and DoD critical networks. If you are detail-oriented and highly organized with a passion for creative and critical thinking, we encourage you to apply for this exciting and rewarding role. Responsibilities
Develop tools, exploits, and code for use on red cyber operations. Conduct open-source research on cyber related vulnerabilities and exploitation development.
Performing code review on all offensive scripts/code and shepherding them through all approval processes. Analyze operational Techniques Tactics and Procedures (TTPs) and developing exploits and scripts to automate and improve operational processes. These products will help to better emulate adversarial threats and attacks and demonstrate and exploit vulnerabilities to sensitive mission critical networks and systems. Document safe and secure usage for internally and externally developed tools IAW Red Team policies and procedures. Support and/or conduct Dev Ops review of code for operational approval. Leverage existing proof of concept code to build and tailor exploits for use in Command and Control (C2) tools. Support the development and tuning of C2 tools to enhance effectiveness and reduce detection likelihood. Support urgent development requests as required in support of assessments. Tailored tools and exploits may require assembly, testing, and approval within 24 hours of identifying a vulnerability. Understand common vulnerabilities and their exploits, such as buffer over-flows, use-after-free, and SQL injection.
Analyze the offensive cyber tactics of a potential adversary by replicating their operations to assess and protect against security threats
threats
Utilize publicly available information on the internet to discover weaknesses, vulnerabilities, and compromised data
Conduct cyber operations against U.S. government entities to enhance cybersecurity, detect potential threats, and suggest ways to address vulnerabilities
Apply advanced knowledge of offensive cyber strategies, including reconnoitering, infiltration, network exploration, and data extraction, to simulate adversarial attacks and identify weaknesses during red team assessments arity with assembly language and low-level programming, particularly for understanding exploits and crafting shellcode
Qualifications
Bachelor's Degree or relevant work experience. Expertise as a Reverse Engineer analyzing source code to develop tools or exploits. Expertise with Script or develop in one or more language (e.g., C, C++). Has managed significant engagements. Typically 5-7+ years of related experience for Senior, 3+ years for Junior. All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations. Top Secret Security Clearance required . TS/SCI Security Clearance preferred. Hybrid work schedule - 4 days in office, 1 remote. Typical office environment, extensive domestic and international travel, extreme weather conditions. Must be able to endure sitting, walking, talking, hearing, reading, writing, keyboarding, driving, filing, reaching, stooping, crouching, bending, standing for extended periods of time, lifting or carrying up to 40 pounds.
Location
US-VA-Fort Belvoir
Job ID
2024-3132
# Positions
2
Experience (Years)
7
Category
Information Technology - All Openings
Overview
Oak Grove Technologies has an exciting opportunity for a Software Tool Development Senior supporting the Defense Threat Reduction Agency's (DTRA) Advance Red Cyber program in executing Red Team Assessments. Red Teams perform assessments from an adversarial viewpoint and use the full spectrum of identified adversarial capabilities, limited only by restrictions mandated by the customer and legal, safety, and security constraints, to test and evaluate protection strategies and demonstrate exploitation of identified vulnerabilities. The Software Tool Developer Junior will have the opportunity to create new and innovative tools for Red Cyber team Operators to use in cyber assessment operations of U.S. Government and DoD critical networks. If you are detail-oriented and highly organized with a passion for creative and critical thinking, we encourage you to apply for this exciting and rewarding role. Responsibilities
Develop tools, exploits, and code for use on red cyber operations. Conduct open-source research on cyber related vulnerabilities and exploitation development.
Performing code review on all offensive scripts/code and shepherding them through all approval processes. Analyze operational Techniques Tactics and Procedures (TTPs) and developing exploits and scripts to automate and improve operational processes. These products will help to better emulate adversarial threats and attacks and demonstrate and exploit vulnerabilities to sensitive mission critical networks and systems. Document safe and secure usage for internally and externally developed tools IAW Red Team policies and procedures. Support and/or conduct Dev Ops review of code for operational approval. Leverage existing proof of concept code to build and tailor exploits for use in Command and Control (C2) tools. Support the development and tuning of C2 tools to enhance effectiveness and reduce detection likelihood. Support urgent development requests as required in support of assessments. Tailored tools and exploits may require assembly, testing, and approval within 24 hours of identifying a vulnerability. Understand common vulnerabilities and their exploits, such as buffer over-flows, use-after-free, and SQL injection.
Analyze the offensive cyber tactics of a potential adversary by replicating their operations to assess and protect against security threats
threats
Utilize publicly available information on the internet to discover weaknesses, vulnerabilities, and compromised data
Conduct cyber operations against U.S. government entities to enhance cybersecurity, detect potential threats, and suggest ways to address vulnerabilities
Apply advanced knowledge of offensive cyber strategies, including reconnoitering, infiltration, network exploration, and data extraction, to simulate adversarial attacks and identify weaknesses during red team assessments arity with assembly language and low-level programming, particularly for understanding exploits and crafting shellcode
Qualifications
Bachelor's Degree or relevant work experience. Expertise as a Reverse Engineer analyzing source code to develop tools or exploits. Expertise with Script or develop in one or more language (e.g., C, C++). Has managed significant engagements. Typically 5-7+ years of related experience for Senior, 3+ years for Junior. All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations. Top Secret Security Clearance required . TS/SCI Security Clearance preferred. Hybrid work schedule - 4 days in office, 1 remote. Typical office environment, extensive domestic and international travel, extreme weather conditions. Must be able to endure sitting, walking, talking, hearing, reading, writing, keyboarding, driving, filing, reaching, stooping, crouching, bending, standing for extended periods of time, lifting or carrying up to 40 pounds.