SAIC Vulnerability Research Exploit Developer in FAIRMONT, West Virginia
The Vulnerability Research Exploit Developer is responsible for simulating real-life cyber attacks with the goal of helping an organization improve its security posture. This is a highly technical hands-on role that will utilize development/programming, live testing, system administration, reverse engineering, vulnerability assessments, system/network hardening, penetration testing and ultimately creativity skills. It is an opportunity for a team player to enhance a world-class team and learn/teach new skills.
Experience conducting advance host/network/application penetration testing as a member of a technical team on live/operational systems
Perform reverse engineering and static/dynamic test of desktop/web applications to find security flaws like zero-day vulnerabilities
Review custom applications source code for security flaws and vulnerabilities
Perform full-scope penetration test activities like zero-day discovery, exploit development and exploitation of vulnerabilities on operational network infrastructure devices, services, various operating systems and desktop/web applications
Test the exploitation of security policies and access controls in restricted/secure environments (e.g. GPO bypass, privilege escalation and A/V evasion)
Capable of doing the necessary research and development to produce TTPs and products (e.g. exploits, applications, etc.) to achieve systems exploitation
Work extensively from the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)
Able to test, identify and exploit vulnerabilities in web applications without the use of scanning tools
Informed in current information security threats, trends and vulnerabilities
Research and formulate recommendations for vulnerabilities
Employ extensive use of Microsoft Office main tools: Word, Excel, PowerPoint and Visio to prepare plans, reports, diagrams, tables, briefings, etc.
Be able to present, demonstrate, explain and document operational impact of a particular vulnerability or the combination of many vulnerabilities and flaws
Develop proof-of-concept examples and scenarios for reports and live demonstrations
Create/document tactic, techniques and procedures (TTP) to train and expand/share knowledge with customers and other team members
TYPICAL EDUCATION AND EXPERIENCE:
Bachelors degree and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD and four (4) years or more experience.
SAIC is a premier technology integrator, solving our nation’s most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability