Job Description:

TITLE: Cybersecurity Exploit DeveloperLOCATION: SuffolkNorfolk, VirginiaCLEARANCE REQUIRED: Eligibility to obtain and maintain a DoD Top Secret ClearanceEMPLOYMENT TYPE: Full Time, On-sitePOSITION SUMMARYModern Government Solutions (MGS) is seeking a Cybersecurity Exploit Developer to work with our client's industry leading cyber defense assessment team. As the Exploit Developer you will develop and create tools and means to demonstrate penetration and exploitation techniques of computer networks. In addition, you will operationalize tool capabilities to defeat current and emerging exploit mitigation techniques, bypass or evade defensive tools and maintain a covert presence within a network. Responsible for ensuring end-to-end functionality of the tools and making sure they are robust and ready for training and exercise support.RESPONSIBILITIES (not limited to):Analyze and extrapolate from the latest Cyber threat intelligence new and evolving attack techniques.Develop tools to emulate effects of cyber-attacks for training.Develop usable exploits and implants.Design and develop remote access capabilities to use during training exercises and tests.Design and develop obscured communication and control channels.Conduct end-to-end testing of attack tools to ensure intended functionality while evading defensive tools.Collaborate with a team of experienced developers to create usable and robust attack tools.Collaborate across Cybersecurity professionals and similar teams to prioritize the development of the systems of interest.Exploit common vulnerabilities and misconfigurations associated with common operating systems (Windows, Linux, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc.)Target and analyze Windows and Active Directory environments.REQUIRED SKILLS AND QUALIFICATIONSEligible to obtain and maintain an active Department of Defense (DoD) Secret clearance is required.5+ years' experience in exploit development, reverse engineering, red team capabilities and engineering.Knowledge of development programming languages (e.g., Python, C (+variants), .Net).Penetration Testing (PENTEST) of Enterprise Level Command & Control (C2) systems.Knowledge of Web Server configurations (e.g., Apache HTTP Server, Apache Tomcat, Microsoft IIS.)Planning and execution experience with technical cyber assessments or penetration tests.Experience performing code testing and peer-review to identify potential issues.Experience with developing and using testing methodology for cloud-based and networked systems.Experience modifying, testing and use of computer network attack and exploitation tools.General Information Security (INFOSEC) experience.Analysis experience of the exploitation of Windows EnvironmentsRequired Certifications: Certified Ethical Hacker (CEH) and Security+ or higher, and two of technical certifications from the following list:Web Application Penetration Tester (WAPT)GIAC Web Application Penetration Tester (GWAPT)GIAC Penetration Tester (GPEN)Cisco Certified Network Associate (CCNA)Offensive Security Certified Professional (OSCP)CompTIA Penetration Testing (PenTest+)PREFERRED SKILLSWilling and able to obtain a DoD Top Secret clearance.Experience with examining various cyber threat TTPs, organizational structures, capabilities, personas, and environments, and integrating findings into penetration tests or exercises.Ability to design, build, and implement software, Cyber assessment tools, information assurance products, or computer security applications, preferred.Experience with computer network or system design and implementation preferred.Employment is contingent on customer acceptance of resume and qualifications.Knowledge of virtualization technology (VMWare, VirtualBox, etc.)Preferred Certifications:Offensive Security Certified Expert (OSCE)GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)ABOUT USAt MGS, we believe a people-first culture corresponds to organizational success through a commitment to excellence, integrity, inclusion, and an attitude that welcomes challenges meets demands, sustains growth, and drives innovation. We provide expert mission-first technical and programmatic services and solutions for the US intelligence community, the US Department of Defense, and other governmental agencies. We create people-first organizational cultures where employees feel needed in the system, not a system that needs employees. We provide you with long-term career opportunities centrally focused on our core value system: inclusion, integrity, and a commitment to excellence.MGS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status, and will not be discriminated against on the basis of disability.