Parsons Corporation DevSecOps Specialist - Red Team in Fort Belvoir, Virginia
In a world of possibilities, pursue one with endless opportunities. Imagine Next!
When it comes to what you want in your career, if you can imagine it, you can do it at Parsons. Imagine a career working with intelligent, diverse people sharing a common quest. Imagine a workplace where you can be yourself. Where you can thrive. Where you can find your next, right now. We’ve got what you’re looking for.
Are you ready for a challenge that will keep you on the cutting edge of cyber-security while supporting multidisciplinary mission assurance / vulnerability assessments on critical mission systems? Parsons provides comprehensive cyber security expertise for national defense programs and is seeking employees with an eye for detail, a drive to succeed, and a passion for ensuring mission success.
The DevSecOps Specialist is an integral member of the Defense Threat Reduction Agency (DTRA) Red Assessment Team. The DoD Red Team historically conducted analytical and physical red team assessments. The Advance Red cyber operations is the newest component of the DoD Red Team and conducts threat emulative cyber assessments to further the goals of the DoD Red Team. The advance red cyber team compliments these capabilities with a cyber-component that provides a more holistic DoD Red Team assessment. Incorporating a cyber-assessment capability into the DoD Red Team allows for better emulation of a sophisticated multidisciplinary adversarial campaign. This synergistic method provides the DoD Red Team’s customers with a holistic, realistic, and actionable assessment of an adversary’s ability to identify, deny, degrade, or compromise critical DoD capabilities or exfiltration data. The DevSecOps Specialist will help build the organization’s red cyber capability. The Software Tool Developer will be responsible for creating new and innovative tools for Red Cyber Operators to use in cyber assessment operations of US Government and DoD critical networks. The Software Tool Developer will use full-stack experience to write clear, concise, functioning and fully commented code that turns our Defensive Cyber Operations (DCO) customer’s requirements for cloud-based applications into reality.
Duties are primarily executed at home station; however, assessment teams may deploy to high threat but permissive environments anywhere in the world. CONUS and OCONUS travel for durations of up to two weeks per trip.
Top Secret/SCI Security Clearance eligibility required.
What You'll Be Doing:
Develop tools, exploits, and code for use on red cyber operations. Conduct opensource research on cyber related vulnerabilities and exploitation development.
Expertise as a Reverse engineer analyzing source code to develop tools or exploits.
Expertise with Script or develop in one or more language (e.g., C, C++).
Performing code review on all offensive scripts/code and shepherding them through all approval processes.
Analyze operational Techniques Tactics and Procedures (TTPs) and developing exploits and scripts to automate and improve operational processes. These products will help to better emulate adversarial threats and attacks and demonstrate and exploit vulnerabilities to sensitive mission critical networks and systems.
Document safe and secure usage for internally and externally developed tools IAW Red Team policies and procedures.
Keep apprised of emerging cyber threats and attack methodologies and sharing this information with Red Team personnel to enhance cyber assessment efforts.
Support and/or conduct Dev Ops review of code for operational approval.
Leverage existing proof of concept code to build and tailor exploits for use in Command and Control (C2) tools.
Support the development and tuning of C2 tools to enhance effectiveness and reduce detection likelihood.
Support urgent development requests as required in support of assessments. Tailored tools and exploits may require assembly, testing, and approval within 24 hours of identifying a vulnerability.
What Required Skills You'll Bring:
Possess a Bachelor's degree or higher in a Computer Science, Computer Forensics, Computer Engineering, Cybersecurity, Electrical Engineering, or a related technical discipline and the following years of experience:
BS and 8-10 years of experience
MS and 6-8 years of experience
Ph.D. and 3-5 years of experience
Will consider relevant number of years of operational experience in lieu of a degree.
Possess a minimum of operational experience as listed above in the military, other Federal Government, or comparable civilian position in Cyberspace Operations (Offensive Cyberspace Operations, Defensive Cyberspace Operations, and Cyberspace Exploitation), Cyber Red Team, Penetration Testing, and/or Information Operations (IO).
Possess IAT Level III certification as defined and 8570.01-M, or ability to obtain certifications within 180 days of hire.
Certified Reverse Engineering Analyst (CREA), GIAC Reverse Engineering Malware (GREM), SANS Advanced Exploit Development for Penetration Testers, and Certified DevSecOps Engineer (C|DSE), desirable.
What Desired Skills You'll Bring:
Experience working in Assembly Language, C, C++, Python, Perl, Linux, exploit development, and reverse and cybersecurity engineering.
Experience working in an Agile software development environment using DevSecOps practices.
Experience with DevOps tools (e.g. Nexus, Artifactory, Jenkins, Docker, Coverity).
Experience with automated deployment tools (e.g. Puppet, Ansible).
Ability to support and troubleshoot issues on common Operating Systems (e.g. Windows, Linux).
Experience developing in a Linux environment (RHEL, CentOS, Ubuntu)
Experience with Git, Gitlab, Gitbucket, or Bitbucket
Experience with Node.js, React, HTML/CSS, JSON, Typescript, Java and Python
Experience with Kubernetes deployment and management, including Helm
Experience with deployment of Docker containers
Minimum Clearance Required to Start:
Top Secret SCI
This position is part of our Federal Solutions team.
Our Federal Solutions segment delivers resources to our US government customers that ensure the success of missions around the globe. Our diverse, intelligent employees drive the state of the art as they provide services and solutions in the areas of defense, security, intelligence, infrastructure, and environmental. We promote a culture of excellence and close-knit teams that take pride in delivering, protecting, and sustaining our nation's most critical assets, from Earth to cyberspace. Throughout the company, our people are anticipating what’s next to deliver the solutions our customers need now.
We value our employees and want our employees to take care of their overall wellbeing, which is why we offer best-in-class benefits such as medical, dental, vision, paid time off, 401(k), life insurance, flexible work schedules, and holidays to fit your busy lifestyle!
The position may require a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief as required by customer requirements and some cases federal, state, provincial or local mandates.
Parsons is an equal opportunity employer committed to diversity, equity, inclusion, and accessibility in the workplace. Diversity is ingrained in who we are, how we do business, and is one of our company’s core values. Parsons equally employs representation at all job levels for minority, female, disabled, protected veteran and LGBTQ+.
We truly invest and care about our employee’s wellbeing and provide endless growth opportunities as the sky is the limit, so aim for the stars! Imagine next and join the Parsons quest—APPLY TODAY!About Us
Parsons is a digitally enabled solutions provider focused on the defense, security, and infrastructure markets. With nearly 75 years of experience, Parsons is uniquely qualified to deliver cyber/converged security, technology-based intellectual property, and other innovative services to federal, regional, and local government agencies, as well as to private industrial customers worldwide.
Parsons is an equal opportunity, drug-free employer committed to diversity in the workplace. Minority/Female/Disabled/Protected Veteran/LGBTQ+.
For more about Parsons, visit parsons.com and follow us on Facebook, Twitter, LinkedIn, and YouTube.