Parsons Corporation Jobs

Mobile Parsons Logo

Job Information

Parsons Corporation Exploit Developer in Fort Belvoir, Virginia

Minimum Clearance Required to Start:

Top Secret SCI

Job Description:

JOB DESCRIPTION

Exploit Developer (ED)

SUMMARY

Are you ready for a challenge that will keep you on the cutting edge of cyber-security while supporting multidisciplinary mission assurance / vulnerability assessments on critical mission systems? Parsons provides comprehensive cyber security expertise for national defense programs and is seeking employees with an eye for detail, a drive to succeed, and a passion for ensuring mission success.

The Exploit Developer is an integral member of the Defense Threat Reduction Agency (DTRA) Red Assessment Team. The DoD’s premier Red Assessment Team is unique in that it performs assessments from an adversarial perspective, emulating the full spectrum of identified capabilities from lone actor to the well-financed terrorist organization to the foreign intelligence entities to demonstrate exploitation of vulnerabilities. The ED will help build the organization’s red cyber capability—as part of both the Red and White cells—and capacity in support of the Certification and Accreditation (C&A) process. The ED will be responsible for creating new and innovative tools for Red Cyber Space Operators to use in cyber assessment operations of US Government and DoD critical networks.

Assessment teams may deploy to high threat but permissive environments anywhere in the world. CONUS and OCONUS travel for durations of up to two weeks per trip.

Top Secret/SCI Security Clearance eligibility required

ESSENTIAL DUTIES AND RESPONSIBILITIES

Emulate a potential adversary’s offensive cyberspace operations and exploitation techniques against a targeted mission, system, network, component, or capability

Use information gathered from readily available open source internet resources to identify exposed or compromised information, vulnerabilities, and misconfigurations

Employ tools against identified compromises to demonstrate a loss of confidence in the target’s functional and security posture forcing the target to operate in a degraded, disrupted, or denied cyber environment

Work closely with Red Cyber Analysts to identify targets, research, scan, and map networks

When authorized, demonstrate a potential adversary’s offensive-based cyberspace operations or intelligence collection capabilities against a targeted mission or capability in accordance with ethical hacking principles and in compliance with U.S. Cyber Command Standing Ground Rules

Reverse engineer source code to develop exploits

Perform code review on all offensive scripts/code and shepherding them through all approval processes

Develop, vette, and validate exploits IAW DoD and Red Team policy and procedures prior to leveraging exploits for operations ICW technical oversight and guidance

Keep apprised of emerging cyber threats and attack methodologies and sharing this information with Red Team personnel to enhance cyber assessment efforts

Analyze operational TTPs and developing exploits and scripts to automate and improve operational processes. These products will be used to better emulate adversarial threats and attacks and demonstrate and exploit vulnerabilities to sensitive mission critical networks and systems.

Document safe and secure usage for internally and externally developed tools IAW with Red Team policies and procedures

Leverage proof of concept (POC) code to build/tailor exploits for use in Command and Control (C2) tools

Support the development and tuning of C2 tools to enhance effectiveness and reduce detection likelihood

EDUCATION AND/OR EXPERIENCE

Possess a Bachelor's degree or higher in a Computer Science, Computer Forensics, Computer Engineering, Cybersecurity, Electrical Engineering, or a related technical discipline; commensurate operational experience can serve as a substitute for degree requirements

Possess a minimum of 5 years operational experience in the military, other Federal Government, or comparable civilian position in Cyberspace Operations (Offensive Cyberspace Operations, Defensive Cyberspace Operations, and Cyberspace Exploitation), Cyber Red Team, Penetration Testing, and/or Information Operations (IO)

Possess IAT Level III and CSSP Auditor certifications as defined and 8570.01-M, or ability to obtain certifications within 180 days of hire

GICSP, GCIP, GRID, or ISA/IEC desirable

KNOWLEDGE, SKILLS, AND ABILITIES

Possess a minimum of five years demonstrated experience using open source tools and operating systems or hold a comparable Linux certification

Possess working knowledge of DoD’s Cybersecurity Vulnerability Alert and Incident Response process

Possess a working knowledge of computer network vulnerability/compliance analysis software

Possess excellent written and verbal communication skills

Possess expert knowledge of Microsoft Office Suite (Word, Excel, PowerPoint, Visio) to prepare presentations, reports, and white papers

Must be able to obtain, maintain and/or currently possess a security clearance.

The position may require a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief as required by federal, state, provincial or local mandates or customer requirements.

About Us

Parsons is a digitally enabled solutions provider focused on the defense, security, and infrastructure markets. With nearly 75 years of experience, Parsons is uniquely qualified to deliver cyber/converged security, technology-based intellectual property, and other innovative services to federal, regional, and local government agencies, as well as to private industrial customers worldwide.

Parsons is an equal opportunity, drug-free employer committed to diversity in the workplace. Minority/Female/Disabled/Protected Veteran/LGBTQ+.

For more about Parsons, visit parsons.com and follow us on Facebook, Twitter, LinkedIn, and YouTube.

DirectEmployers