Senior CANO/WiFi Developer (onsite) Cyber Security

Position Description

Join the Defense Threat Reduction Agency (DTRA) as a member of the elite DoD Red Team's newest component, the DTRA Cyber Assessment Red Team (DCART), where you will be at the forefront of assessing vulnerabilities and identifying risks to critical assets and missions. You will challenge protection strategies from an adversarial perspective, providing invaluable insights that drive mission assurance and be key to safeguarding our nation's security.

You will collaborate with top-tier DoD stakeholders, including the Joint Chiefs of Staff and Combatant Commanders, to deliver actionable intelligence that enhances our defense capabilities. Your work will involve both analytical and physical assessments, as well as contributing to the cutting-edge DTRA Cyber Assessment Red Team (DCART). By conducting comprehensive cyber assessments, you will help create a holistic view of adversarial threats, ensuring our national security remains robust and resilient.

This is your chance to make a tangible impact on national defense, working alongside dedicated professionals to prevent, protect, and mitigate threats to our nation's most critical operations. Join us and be part of a mission that truly matters.

May travel to support assessments CONUS and OCONUS (anticipated ~15%). Must be able to support assessments during non-standard duty hours, to include nights and weekends.

• Must have 3+ years as a software developer.
• Proficient in C and C# and BOFs.
• Must demonstrated expertise pursuant to cyberenabling close access operations.
• Demonstrated experience with vulnerability research, exploitation, and n-day weaponization against wireless and mobile (Android / IOS) targets.
• Must pass the DCART senior developer aptitude test before joining DCART as an Operator.

Desired Skills/Certifications:

• Should have 1+ years' experience in offensive capability development for Windows environments
• Should have 1+ years' experience working in an agile/scrum environment.
• Experience with C2 frameworks, especially Cobalt Strike.
• Experience with host-based computer forensics, network-based forensics, cyber incident response, cyber-criminal investigation, intrusion detection/analysis, designing countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities, cyber red teaming, network penetration testing, security operations center analysis, defensive cyber operations, or offensive cyber operations.
• Malware development, analysis, binary disassembly, binary decomplication, network/communication protocol analysis, software vulnerability research, or software exploit development.
• 3-5 years development industry experience.
• Experience in the development of Windows kernel modules.
• Strong familiarity with Windows Active Directory
• Experience developing exploits, shellcode, and bypassing mitigations such as nonexecutable stack (NX) and ASLR as well as more advanced exploit mitigations.
• Strong familiarity with the Windows API/Win32 modules for tool development
• Ability to conduct dynamic analysis as needed via debuggers.
• Expertise in AV/EDR evasion techniques.