Apply on Employer Site

MKS2 Technologies · 1 day ago

Security Software Engineer

Dahlgren, VA (Hybrid)

Full-time

Hybrid

Senior Level

5+ years exp

MKS2 Technologies, LLC is an award-winning high growth small business that specializes in Cyber Security, Instructional Design, and Software Engineering. They are seeking a highly skilled Security Software Engineer with expertise in Red Team penetration testing to support advanced cybersecurity operations within DoD environments, focusing on secure software development and vulnerability assessments.

Cyber SecurityInformation TechnologySoftware

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Conduct Red Team operations and penetration testing in MDE environments

Debug and reverse engineer software and analyze system logs (Windows Events, Linux syslog, boot logs, dmesg)

Identify and mitigate vulnerabilities in compiled and source code

Operate and administer systems running HP-UX, UNIX, Solaris, Linux, and Windows

Apply DISA STIGs and NSA encryption technologies

Design and implement deceptive technologies (e.g., honeypots)

Perform static source code analysis and participate in code reviews

Author recommendations for secure software design and contribute to SSAOM documentation

Integrate and manage identity and access across hybrid environments using Entra ID

Extend on-premises Active Directory with cloud identity solutions

Conduct security research leading to CVE publication

Participate in Capture the Flag (CTF) exercises (e.g., DEFCON, Hack the Box, OTW)

Qualification

Penetration TestingLinuxWindowsProgrammingCybersecurity OperationsSecure Software DevelopmentVulnerability AssessmentsAWS ServicesSoft Skills

Required

5+ years in software engineering applied to program development, modeling, and simulation for DoD or IT systems

5+ years of hands-on experience with Linux and Windows environments

COMPTIA Linux+ or FedVTE Linux+

Microsoft MCSA or equivalent Windows training

IAT Level II certification per DoD 8570.01 (or successor)

Penetration Testing Certification (one or more of the following): Offensive Security: OSCP, OSCE, OSEE, OSWP; SANS: GPEN, GWAPT, GXPN, SEC642, SEC564; OSD Cyber Operation Academy Course (COAC) graduate

Top Secret clearance

SCI eligible

Strong working knowledge of penetration testing tools: Kali, Metasploit, NMAP, Cobalt Strike

Programming and scripting proficiency in: Python, C, C++, C#, Go, Perl, Powershell

Web development and testing: PHP, ASP, Java, HTML, SQL/NoSQL, RESTful/SOAP APIs

Experience with Palo Alto, Cisco, VMWare, NetApp, and Microsoft products

Preferred

Enterprise technologies: NSX, vCenter, vRealize Suite, Horizon View; PAN-OS, FirePower, Nexus, IOS, ASA; ONTAP, SnapMirror, Active Directory, Entra ID (Azure AD), SSO, MFA; Microsoft 365 hybrid environments

Automation: Powershell, PowerAutomate, Logic Apps, Graph API

AWS services: EC2, S3, KMS, RDS; serverless and microservice architecture

Security protocols: OAuth2, SAML, LDAP