Exploitation Developer for Red Team jobs in United States

BreakPoint Labs · 4 months ago

Exploitation Developer for Red Team

BreakPoint Labs is a small business cybersecurity services firm dedicated to effective cybersecurity operations. They are seeking Cyber Red Team Developers to create innovative tools for offensive cyber operations and support assessments of critical DoD and U.S. Government networks.

Cyber Security · Hardware
Growth Opportunities
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Implement an agile software development methodology to deliver custom Cyber Red Team tools for use in post-exploitation activities
Expand command and control (C2) (e.g., Cobalt Strike) capabilities using Beacon Object Files (BOFs), user-defined reflective loaders (UDRL), Aggressor Scripts (CNAs), and C/C++/C# tools
Develop unique red team assessment tools for remote, local, and persistent cyber operations, including an implant, C2 server, redirector, and operator client
Develop shell scripts (e.g., PowerShell, Bash, CMD) if the capability cannot be developed using a more advanced method such as BOF, UDRL, or the in-memory deployment of C/C++/C#
Extend existing Windows implant capabilities for Linux, macOS, embedded systems, real-time operating systems, and Cisco IOS via designated C2 platform (e.g., Cobalt Strike) Beacon or boutique implant
The expected ratio of programming languages utilized is: 50% C / C++ (Beacon Object Files), 25% Sleep (CNAs), 15% C#, 10% Other
All development should be designed to integrate within the designated C2 platform (e.g., Cobalt Strike) seamlessly, in order to streamline use by Cyber Red Team Operators
The preference for all tools that will integrate with designated C2 platform (e.g., Cobalt Strike) will be a BOF, UDRL, C#, or shell script in that order
All capabilities will be delivered with a CNA for easy deployment within designated C2 platform (e.g., Cobalt Strike) beacon, as applicable
Ensure all tools developed can bypass antivirus software
Develop modular tools in a style that is conducive to discrete unit tests
Occasional meetings will be required onsite at Ft. Belvoir. Candidates must live within a commutable distance

Qualification

C/C++ · C# · Cobalt Strike · Agile/Scrum · Offensive Security Certifications · Cyber Red Teaming · Malware Development · Network Penetration Testing · Cyber Incident Response · Soft Skills

Required

Must live within a commutable distance to Fort Belvoir, VA
Proficient in offensive capability development for Windows environments
Proficient in C and C# and BOFs
Experience working in an agile/scrum environment
Ability and willingness to complete client technical aptitude test to validate minimum technical proficiency level
Experience in host-based computer forensics, network-based forensics, cyber incident response, cyber-criminal investigation, intrusion detection/analysis, designing countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities, cyber red teaming, network penetration testing, security operations center analysis, defensive cyber operations, or offensive cyber operations
Experience in malware development, analysis, binary disassembly, binary decompilation, network/communication protocol analysis, software vulnerability research, or software exploit development
Offensive Security professional certifications
Must be a U.S. Citizen
Ability to process for and be awarded a DoD Security Clearance up to Top Secret

Preferred

Experience in host-based computer forensics, network-based forensics, cyber incident response, cyber-criminal investigation, intrusion detection/analysis, designing countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities, cyber red teaming, network penetration testing, security operations center analysis, defensive cyber operations, or offensive cyber operations
Experience in malware development, analysis, binary disassembly, binary decompilation, network/communication protocol analysis, software vulnerability research, or software exploit development
Offensive Security professional certifications
Red Team Apprentice Course (RTAC)
Red Team Journeyman Course (RTJC)
Certified Red Team Operator (CRTO) certification
Offensive Security Certified Professional (OSCP)
Rogue Ops - Red Team 1 (ROPS)
GIAC Exploit Researcher & Advanced Penetration Tester (GXPN)
GIAC Penetration Tester (GPEN)
GIAC Web Application Penetration Tester (GWAPT)

Company

BreakPoint Labs

BreakPoint Labs is dedicated to providing the methods and means for sustainable, measurable, and effective cybersecurity operations.

Funding

Current Stage
Growth Stage

Leadership Team

Thomas George
CEO
Company data provided by crunchbase