Security Software Engineer/Penetration Tester - Clearance Required jobs in United States
cer-icon
Apply on Employer Site
company-logo

Cydecor, Inc. · 1 month ago

Security Software Engineer/Penetration Tester - Clearance Required

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
date5+ years exp

Cydecor, Inc. is a premier Federal Government solutions provider focused on advanced cybersecurity and software assurance efforts for U.S. Department of Defense systems. They are seeking a Security Software Engineer/Penetration Tester who will leverage technical expertise in software engineering and penetration testing to enhance security performance and mitigate vulnerabilities.

AppsConsultingSoftware
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Debug and reverse engineer software to identify vulnerabilities and optimize security performance
Analyze Windows Event logs, Linux syslogs, boot logs, and dmesg logs to identify anomalies and security concerns
Program and debug software using Web 2.0, Java, Perl, Ada, C++, and Tool Command Language (Tcl/Tk) scripts, including GUIs and configuration management tools such as Microsoft Visual Studio and Rational ClearCase
Recommend and implement software modifications to mitigate known vulnerabilities
Administer systems running HP-UX, UNIX, Solaris, Linux, and Microsoft Windows operating systems
Identify and remediate security flaws in both compiled and human-readable source code
Understand and work with real-time operating systems (VxWorks, LynxOS), CORBA, firewalls, and networking protocols
Implement NSA-approved encryption technologies and devices and apply DISA Security Technical Implementation Guides (STIGs)
Incorporate virtual hosting, server technologies, and deceptive technologies (e.g., honeypots) into system architectures
Perform and participate in code reviews, static source code analysis, and author recommendations to improve software design and security posture
Contribute to the System Security Administrator and Operator’s Manual (SSAOM) and ensure all cybersecurity documentation is maintained to DoD standards

Qualification

Penetration TestingSoftware EngineeringLinux AdministrationWindows AdministrationVulnerability MitigationPythonAWSCompTIA Linux+Certified Ethical HackerSoft Skills

Required

Five (5) years of software engineering experience supporting program development or modeling and simulation for DoD or IT systems
Five (5) years of Linux experience, demonstrating firm command-line and system administration skills
CompTIA Linux+ or FedVTE Linux+ (Linux)
Five (5) years of Windows experience with solid understanding of enterprise network environments
Microsoft course (MCSA; Various)
Strong working knowledge of common Penetration Testing (PENTEST) tools: Kali, Metasploit, NMAP, Cobalt Strike
Associated Training: Certified Ethical Hacker or Offensive Security Certified Professional
Documented experience in at least one of the following areas: Penetration Testing (PENTEST) (government or contractor), Red Team Operations (government or contractor), Tool/Software Development (exploits/malware, C2, reverse engineering, bug bounties), Python, C, C Sharp, C++, Go, Perl, Powershell, Web Dev/Web App Dev/Web Penetration testing, NSX, vCenter, vRealize Suite, Horizon View (VDI) and others, PAN-OS, FirePower, Nexus, IOS, ASA, ONTAP, SnapMirror, Active-Directory, Entra ID (Azure AD), Active Directory, SSO, MFA, Azure application integration, Identity Federation, automation using Powershell, PowerAutomate, Logic Apps, Graph API, Microsoft Entra ID and Microsoft 365 in a hybrid environment
Experience with Palo Alto, Cisco, VMWare, NetApp and Microsoft products
Extending or integrating on premises AD with Entra ID
Managing identity and access in Microsoft Entra ID
Experience conducting Red Team operations in an MDE environment
Experience with AWS, Cloud Audit, Serverless and Microservice Architecture
Experience working with AWS services (such as EC2, S3, KMS, RDS) and security best practices relevant to those services
Experience with Web Services penetration testing (RESTful and SOAP) Web Authentication protocols (e.g. OAuth2, SAML, LDAP)
PHP, ASP, SQL db's, Java, HTML, No SQL
Minimum IAT Level II certification per DoD 8570.01 (or successor)
Minimum penetration testing certification, holding at least one of the following: Offensive Security Certifications: OSCP, OSCE, OSEE, OSWP, SANS Certifications: GPEN, GWAPT, GXPN, or equivalent Red Team / Penetration Testing certifications, COAC Graduate (OSD-sponsored Cyber Operations Academy Course), Capture the Flag (CTF) participation (e.g., DEFCON, Over-The-Wire, Hack the Box, USS Secure CTFs)
Published security research resulting in a Common Vulnerabilities and Exposures (CVE) submission
Strong understanding of computer security principles, military system specifications, and DoD Cybersecurity policies for both land-based and afloat/tactical systems
Ability to communicate effectively and succinctly in both written and verbal formats
Active Top Secret clearance with SCI eligibility
Bachelor's degree

Preferred

Experience developing or integrating cyber tools for vulnerability research and exploitation testing
Experience leading software assurance or cyber tool development projects in classified environments
Familiarity with DoD Risk Management Framework (RMF) and A&A processes

Benefits

Health and Dental Insurance
Vision and Life Insurance
Short-Term & Long-Term Disability
401(K) + company match
Paid Time Off (PTO)
Paid Company Holidays
Tuition and Professional Development Assistance

Company

Cydecor, Inc.

twittertwittertwitter
company-logo
Cydecor is a premier veteran-owned Federal Government solutions provider, delivering differentiated innovations in mission systems and business platforms.
dateFounded in 2005
location
Charlotte, North Carolina, USA
people-size501-1000 employees
web-link
http://www.cydecor.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Nader Elguindi
President & CEO
linkedin
Company data provided by crunchbase