Salary StatementEstimated Starting Salary Range: USD $111,100.00/Yr. - USD $185,100.00/Yr. Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with market data.
DescriptionSupports the United States Navy, Naval Air Warfare Center, Aircraft Division, Cyber Warfare Engineering Services. As a Red Team member, work independently to establish vulnerability research environments, assess the operational impact and understand the root-cause, and design proof-of-concept (PoC) mitigations. Responsibilities include, but are not limited to:
- Threat intelligence and research synthesis: Research open-source intelligence, web forums, and security advisories to track adversarial tactics, techniques, and procedures. Develop and contribute to internal vulnerability databases to ensure threat signatures and severity metrics are accurate.
- Vulnerability discovery and analysis: Conduct static and dynamic analysis on applications and system components. Perform source code reviews to locate logical flaws, memory corruption vulnerabilities, and cryptographic weaknesses.
- Mitigation and remediation support: Use debugging, disassembling, and binary analysis tools to reverse-engineer compiled binaries. Develop functional, stable PoC exploits to validate the severity and reachability of discovered flaws. Triage crash reports generated by automated testing tools, determine if a vulnerability is exploitable or a denial-of-service (DoS) state. Collaborate with software developers and engineering teams to design and implement robust, long-term patches.
- Technical documentation and reporting: Prepare comprehensive, clear, and actionable technical reports detailing the vulnerability, root cause, impact, and reproduction steps. Translate complex binary and code-level findings into clear risk assessments for stakeholders and system administrators.
- Other duties consistent with the statement of work.
- This is an on-site position but may be eligible for compressed work schedule.
FILLING THIS POSITION IS CONTINGENT UPON FUNDING
#LI-DH1
Requirements
- Bachelor’s degree from an accredited college or university in Computer Science, Engineering, Software Engineering or related technical discipline
- 5-years of experience working in the area of cyber security vulnerability, or a master's degree and/or advanced certifications in lieu of 5-years of experience
- Qualified in at least one of the DoD Cyber Workforce Framework (DCWF) roles listed at https://www.cool.osd.mil/usn/cswf/indes.htm.?CWFModel, or obtain a DCWF qualification within 60-days of on-boarding
- Experience programming in Python and using GHIDRA, IDA Pro, or other reverse engineering tools
- Strong technical communication skills
- Strong organizational skills, ability to capture, distill, and centralize pertinent information for informed decision making using existing communication tools
- Active Top Secret security clearance and SCI access
Desired Skills
- Knowledge of adversarial threat tactics, techniques, and procedures
- Knowledge of naval aviation acquisition programs
- Knowledge of/experience with aviation platforms
- Certified in Microsoft or Linux operation
Clearance Information
SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET / SCI LEVEL
Travel Requirements