Sr. Software Developer

Engineering Bethesda, Maryland


Description

The performance for the Sr. Software Developer shall include:

  • Isolate, review, analyze, reverse-engineer, and modify malicious and nonmalicious programs and applications.
  • Write and produce technical reports related to the scope, nature, and characteristics of the assessed software and applications suitable for distribution to both technical and non-technical audiences
  • Work deep within the boot process, kernel, and system internals using tools like IDA Pro, debuggers, and in-target probes to research the behavior of binaries.
  • Analyze software and firmware using reverse engineering techniques to understand security vulnerabilities, working closely with teammates who value innovation and execution.
  • Share knowledge by clearly articulating ideas through papers and presentations to technical staff, management and Government decision makers.
  • With COR approval, participate in working groups, sponsor meetings, proposal writing, and conferences.
  • Provide detailed understanding of how various software-based attacks work at the memory and register level.
  • Perform in-depth analysis (dynamic/static) on malicious software (i.e., bots, worms, Trojans) resident on Microsoft® WindowsTM and Linux based platforms to provide actionable intelligence and, as appropriate, provide remediation recommendations.
  • Analyze, disassemble, and reverse engineer software binaries; document and transition results in reports, presentations and technical exchanges.
  • Design, prototype, document, test and transition code analysis methods and tools appropriate for operational use.
  • Pro-actively identify, define and advocate reverse engineering and analysis processes, approaches and concepts to enhance/improve technical exploitation efforts.
  • Adequately explain, present, demonstrate [when applicable] and document the operational impact of a particular vulnerability
  • Identify, define, determine origin and report on malware and other select software found on media of interest.

 Qualifications:

  • Bachelor of Science degree in Computer Science, Software Engineering, Computer Engineering, or Electrical Engineering and at least ten (10) years of related experience. Master of Science in Computer Science, Software Engineering, Computer Engineering, or Electrical Engineering may be substituted for six (6) years of required experience. A PhD degree in Computer Science, Software Engineering, Computer Engineering, or Electrical Engineering may be substituted for eight (8) years of required experience.
  • Advanced/Expert experience with reverse engineering and network security tools, including IDA Pro, GDB, WinDdg, YARA, Windows Sysinternals, Kali Linux, and/or Wireshark.
  • Expert level programming knowledge/experience with either Windows Kernel, C, C++, Python and/or Assembly Language and the ability to work in a team environment using modern version control systems.
  • Advanced/Expert level experience in hardware configuration and network/data communications and protocols.
  • Advanced/Expert level experience in software engineering and scripting.
  • Advanced/Expert level experience conducting intelligence analysis and writing finished intelligence reporting.
  • Experience requiring a thorough understanding of compiler specifics, operating system concepts, security models, and the causes of most vulnerabilities and how to exploit them. Preferably, experience coding and disassembling software on both Windows and Linux or other *BSD and Unix variants s.
  • Advanced/Expert experience and knowledge of the types and techniques of cyber exploitation and attack, including virus, worm, Trojan horse, logic bomb, and sniffer to identify, quantify, prioritize, and report vulnerabilities in various architectures, networks, communications, applications, and systems.
  • Experience establishing defense mechanisms to detect and deflect Cyberattacks on networks and communications systems and structures and designing and evaluating applications that are secure from known and potential methods of Cyberattack.
  • Experience coordinating systems implementation activities with key personnel to ensure the successful transition from development to implementation and operation, present and defend a position and to communicate with government and contractor team members.
  • Experience with virtualization, driver programming, and debugging.
  • Experience with ethical hacking and/or testing software vulnerabilities.
  • Advanced/Expert experience with diagnosing and debugging software systems.
  • Contractor personnel may have experience with computer forensic software packages such as EnCase, FTK, or Sleuth Kit/Autopsy
  • Contractor personnel shall be required to complete and pass a written test, prior to beginning work on the contract.

 Security clearance:

  • Current and active TS/SCI with CI Poly