Parsons Corporation Jobs

Mobile Parsons Logo

Job Information

Parsons Corporation Exploit Developer in Fort Belvoir, Virginia

Minimum Clearance Required to Start:

Top Secret SCI

Job Description:

JOB DESCRIPTION Exploit Developer (ED) SUMMARY Are you ready for a challenge that will keep you on the cutting edge of cyber-security while supporting multidisciplinary mission assurance / vulnerability assessments on critical mission systems? Parsons provides comprehensive cyber security expertise for national defense programs and is seeking employees with an eye for detail, a drive to succeed, and a passion for ensuring mission success.The Exploit Developer is an integral member of the Defense Threat Reduction Agency (DTRA) Red Assessment Team. The DoD's premier Red Assessment Team is unique in that it performs assessments from an adversarial perspective, emulating the full spectrum of identified capabilities from lone actor to the well-financed terrorist organization to the foreign intelligence entities to demonstrate exploitation of vulnerabilities. The ED will help build the organization's red cyber capability-as part of both the Red and White cells-and capacity in support of the Certification and Accreditation (C&A) process. The ED will be responsible for creating new and innovative tools for Red Cyber Space Operators to use in cyber assessment operations of US Government and DoD critical networks.Assessment teams may deploy to high threat but permissive environments anywhere in the world. CONUS and OCONUS travel for durations of up to two weeks per trip.Top Secret/SCI Security Clearance eligibility required ESSENTIAL DUTIES AND RESPONSIBILITIES

  • Emulate a potential adversary's offensive cyberspace operations and exploitation techniques against a targeted mission, system, network, component, or capability

  • Use information gathered from readily available open source internet resources to identify exposed or compromised information, vulnerabilities, and misconfigurations

  • Employ tools against identified compromises to demonstrate a loss of confidence in the target's functional and security posture forcing the target to operate in a degraded, disrupted, or denied cyber environment

  • Work closely with Red Cyber Analysts to identify targets, research, scan, and map networks

  • When authorized, demonstrate a potential adversary's offensive-based cyberspace operations or intelligence collection capabilities against a targeted mission or capability in accordance with ethical hacking principles and in compliance with U.S. Cyber Command Standing Ground Rules

  • Reverse engineer source code to develop exploits

  • Perform code review on all offensive scripts/code and shepherding them through all approval processes

  • Develop, vette, and validate exploits IAW DoD and Red Team policy and procedures prior to leveraging exploits for operations ICW technical oversight and guidance

  • Keep apprised of emerging cyber threats and attack methodologies and sharing this information with Red Team personnel to enhance cyber assessment efforts

  • Analyze operational TTPs and developing exploits and scripts to automate and improve operational processes. These products will be used to better emulate adversarial threats and attacks and demonstrate and exploit vulnerabilities to sensitive mission critical networks and systems.

  • Document safe and secure usage for internally and externally developed tools IAW with Red Team policies and procedures

  • Leverage proof of concept (POC) code to build/tailor exploits for use in Command and Control (C2) tools

  • Support the development and tuning of C2 tools to enhance effectiveness and reduce detection likelihood

EDUCATION AND/OR EXPERIENCE

  • Possess a Bachelor's degree or higher in a Computer Science, Computer Forensics, Computer Engineering, Cybersecurity, Electrical Engineering, or a related technical discipline; commensurate operational experience can serve as a substitute for degree requirements

  • Possess a minimum of 5 years operational experience in the military, other Federal Government, or comparable civilian position in Cyberspace Operations (Offensive Cyberspace Operations, Defensive Cyberspace Operations, and Cyberspace Exploitation), Cyber Red Team, Penetration Testing, and/or Information Operations (IO)

  • Possess IAT Level III and CSSP Auditor certifications as defined and 8570.01-M, or ability to obtain certifications within 180 days of hire

  • GICSP, GCIP, GRID, or ISA/IEC desirable

KNOWLEDGE, SKILLS, AND ABILITIES

  • Possess a minimum of five years demonstrated experience using open source tools and operating systems or hold a comparable Linux certification

  • Possess working knowledge of DoD's Cybersecurity Vulnerability Alert and Incident Response process

  • Possess a working knowledge of computer network vulnerability/compliance analysis software

  • Possess excellent written and verbal communication skills

  • Possess expert knowledge of Microsoft Office Suite (Word, Excel, PowerPoint, Visio) to prepare presentations, reports, and white papers

Must be able to obtain, maintain and/or currently possess a security clearance.

The position may require a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief as required by federal, state, provincial or local mandates or customer requirements.

Parsons is an equal opportunity, drug-free employer committed to diversity in the workplace. Minority/Female/Disabled/Protected Veteran/LGBTQ+. All qualified applicants will receive consideration for employment without regard to an individual’s race, color, religion, national origin, ethnicity, union affiliation, age, sex, sexual orientation, gender identity and expression, pregnancy, employable physical or mental disability, veteran status, genetic information, immigration status, or any other basis protected by all applicable laws.

DirectEmployers