Vulnerability Research Exploit Developer

  • SAIC,
  • Fairmont, WV
  • 8 hours ago
company banner
SAIC
Research, Developer, Test, A/V, Assembly, Python, Perl, Bash, JavaScript, Java, PHP, Windows, UNIX, Linux, Excel, PowerPoint, Security, Civil, IT, SAS
Full Time

Job Description

Description

Description

The Vulnerability Research Exploit Developer is responsible for simulating real-life cyber attacks with the goal of helping an organization improve its security posture. This is a highly technical hands-on role that will utilize development/programming, live testing, system administration, reverse engineering, vulnerability assessments, system/network hardening, penetration testing and ultimately creativity skills. It is an opportunity for a team player to enhance a world-class team and learn/teach new skills.

Requirements
  • Experience conducting advance host/network/application penetration testing as a member of a technical team on live/operational systems
  • Perform reverse engineering and static/dynamic test of desktop/web applications to find security flaws like zero-day vulnerabilities
  • Review custom applications source code for security flaws and vulnerabilities
  • Perform full-scope penetration test activities like zero-day discovery, exploit development and exploitation of vulnerabilities on operational network infrastructure devices, services, various operating systems and desktop/web applications
  • Test the exploitation of security policies and access controls in restricted/secure environments (e.g. GPO bypass, privilege escalation and A/V evasion)
  • Capable of doing the necessary research and development to produce TTPs and products (e.g. exploits, applications, etc.) to achieve systems exploitation
  • Be able to review, modify and develop software programs or scripts in Assembly, C++, C#, VBS, Python, Perl, Ruby, PowerShell, Bash, JavaScript, Java, PHP and other languages for systems/applications exploitation, data analysis, systems configuration and task automation
  • Work extensively from the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)
  • Able to test, identify and exploit vulnerabilities in web applications without the use of scanning tools
  • Informed in current information security threats, trends and vulnerabilities
  • Research and formulate recommendations for vulnerabilities
  • Employ extensive use of Microsoft Office main tools: Word, Excel, PowerPoint and Visio to prepare plans, reports, diagrams, tables, briefings, etc.
  • Be able to present, demonstrate, explain and document operational impact of a particular vulnerability or the combination of many vulnerabilities and flaws
  • Develop proof-of-concept examples and scenarios for reports and live demonstrations
  • Create/document tactic, techniques and procedures (TTP) to train and expand/share knowledge with customers and other team members

Qualifications

TYPICAL EDUCATION AND EXPERIENCE:

Bachelors degree and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD and four (4) years or more experience.


My SAIC Benefits.


Company Information

Dice Id : 10111346
Position Id : 2018292
Originally Posted : 3 months ago

Similar Positions at SAIC

Penetration Tester
  • Fairmont, WV
  • 15 hours ago
Programmer
  • Mclean, VA
  • 15 hours ago
Software Engineer
  • Chantilly, VA
  • 15 hours ago
Systems Administrator
  • Chantilly, VA
  • 15 hours ago
Systems Administrator
  • Reston, VA
  • 15 hours ago
Robot Infrastructure Software Engineer
  • Greenbelt, MD
  • 15 hours ago
ServiceNow Software Developer
  • Chantilly, VA
  • 15 hours ago
ServiceNow Software Developer
  • Herndon, VA
  • 15 hours ago