Exploit Development / Penetration Tester

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Northrop Grumman is seeking creative, skilled, and motivated Exploit Development / Penetration Tester security professional to join our Cyber Assessment Tiger Team in Fairfax, VA. The role is focused on vulnerability research, reverse engineering, and exploit development against Northrop Grumman’s systems, products & services. CATT conducts full-scope vulnerability assessment, exploit development, and penetration testing against Space Systems, Aeronautics, Mission Systems, manufacturing and enterprise IT.

To succeed, the team member must have an intense desire to exploit real production or R&D satellites, avionics, and weapons systems, and be knowledgeable in a wide range of security issues including various computing architectures, network comms protocols, programming languages and defenses.

Position conducts network or software vulnerability assessments and penetration testing, utilizing reverse engineering techniques. It perform vulnerability analysis and exploitation of applications, operating systems, or networks. Also identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both functionality and intent of software systems. Resolves highly complex malware and intrusion issues. Contributes to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations. May prepare and presents technical reports and briefings. May perform documentation, vetting and weaponization of identified vulnerabilities for operational use.

Responsibilities include:

• Code analysis & hardware/binary reverse engineering to identify functionality and vulnerabilities on hardware & software including avionics and embedded systems
• Evaluate system security configurations for effectiveness and exploitation opportunities
• Develop and execute complete adversarial cyber testing scenarios against components, applications, operating systems, or complete integrated systems
• Contribute to the design, development, implementation, and integration of Offensive Cyber Operations tools against platforms, payloads & systems
• Contribute to the design, development, implementation, and integration of system Cyber Survivability Attributes
• Contribute to the preparation of technical reports and briefings
• Continually improve the knowledge and capabilities of yourself & the greater team

This position requires occasional travel within the continental United States, as well as possible international travel (up to 25% of the time). The individual will be required to work from Fairfax, VA during the interim phase of employment. However, some level of remote work may be supported after initial start period. 

NOTE- This Evergreen requisition does not necessarily represent an actual opening. However, this requisition may be used to consider candidates across multiple technical disciplines, and/or various levels, for our future hiring needs.

Basic Qualifications: 

• High School Diploma, or a GED, and 2 years of experience with Cyber Security, Red Team, Penetration Testing, or Exploit Development is required
• Must have software development to support penetration testing, including vuln dev, R/E tool modules, covert tunneling, scanning scripts, and passive collection
• Must have 2 years of experience in at least three (3) of the following languages: C, C++, C#, Python, Ruby, Perl, Bourne/Bash, PowerShell, Visual Basic, VBScript, PHP, Javascript, HTML
• Must be willing to travel domestically and internationally (up to 25% per year)  
• Must have the ability to obtain, and maintain, a DOD Top Secret security clearance, as well as an SCI access level, as a condition of continued employment. Additional clearances may also be required for certain government programs

Preferred Qualifications: 

• The ideal candidate will have a BS degree in Software Development, Computer Engineering, Computer Science, or other similar STEM related degree, to include 9 years of experience in Cyber Protection
• Technical computer/network knowledge and understanding of common computer hardware, software, networks, communications and connectivity
• Experience conducting full-scope assessments and penetration tests including:  social engineering, server & client-side attacks, protocol subversion, physical access restrictions, and web application exploitation
• Proficiency in the internal workings of either Linux, Unix, and/or Windows operating systems
• Experience using scan / attack / assess tools and techniques
• Ability and desire to learn additional Operating Systems, Computing Architectures, and Programming languages
• Demonstrated experience in technical report writing
• Technical certifications that support pen testing such as OSCP/OSCE/OSEE, GPEN/GXPN
• Software/hardware reverse engineering for vulnerability and exploit R&D
• RTOS experience (Integrity, Nucleus, VxWorks, etc.)
• PowerPC, ARM, Xilinx FPGA, RISCx, other hardware computing development experience
• Assembly language experience (any current architecture/OS)
• TCP/IP MITM, spoofing, exploitation experience
• Platform communications protocol expertise (ARINC 429, MIL-STD-1553, Spacewire, etc.)
• Cryptanalysis and cryptosystem exploitation experience
• In depth understanding of layer 2-7 communication protocols, common encoding and encryption schemes and algorithms
• Understanding of and experience either executing or defending against complex, targeted cyber threats to high-value systems and data
• Active Top Secret, and/or SCI access with an SSBI completed within the past 4 years, is highly desirable

Salary Range: $81,700 USD - $188,300 USD

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The health and safety of our employees and their families is a top priority. The company encourages employees to remain up-to-date on their COVID-19 vaccinations. U.S. Northrop Grumman employees may be required, in the future, to be vaccinated or have an approved disability/medical or religious accommodation, pursuant to future court decisions and/or government action on the currently stayed federal contractor vaccine mandate under Executive Order 14042 https://www.saferfederalworkforce.gov/contractors/.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.