Exploit Developer/Penetration Tester 2/3 jobs in United States
info-icon
This job has closed.
company-logo

Northrop Grumman Australia ยท 5 days ago

Exploit Developer/Penetration Tester 2/3

positionUnited States-Virginia-Unknown City
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$92K/yr - $171K/yr
date6+ years exp

Northrop Grumman is a leading aerospace and defense technology company, seeking an Exploit Developer/Penetration Tester to join their Cyber Assessment Tiger Team. The role involves conducting penetration testing and developing exploits to enhance the security and resilience of their products and systems.

Defense & Space
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Code analysis & hardware/binary reverse engineering to identify functionality and vulnerabilities on hardware & software including avionics and embedded systems
Evaluate system security configurations for effectiveness and exploitation opportunities
Develop and execute complete adversarial cyber testing scenarios against components, applications, operating systems, or complete integrated systems
Contribute to the design, development, implementation, and integration of Offensive Cyber Operations tools against platforms, payloads & systems
Contribute to the design, development, implementation, and integration of system Cyber Survivability Attributes
Contribute to the preparation and presentation of technical reports and briefings
Continually improve the knowledge and capabilities of yourself & the greater team

Qualification

Cyber SecurityPenetration TestingExploit DevelopmentSoftware DevelopmentReverse EngineeringTechnical CertificationsOperating SystemsTechnical Report WritingCuriosityCommunicationTeam Collaboration

Required

For level 2: a minimum of High School Diploma, or a GED, and 6 years of experience with Cyber Security, Red Team, Penetration Testing, or Exploit Development is required
For level 3: a minimum of High School Diploma, or a GED, and 9 years of experience with Cyber Security, Red Team, Penetration Testing, or Exploit Development is required
Must have experience in software development to support penetration testing, including vuln dev, R/E tool modules, covert tunneling, scanning scripts, and passive collection
Must have 2 years of experience in at least three (3) of the following languages: C, C++, C#, Python, Ruby, Rust, Bourne/Bash, PowerShell, Visual Basic, Go, PHP, Javascript, HTML
Must be willing to travel domestically and internationally (up to 25% per year)
Must have the ability to obtain, and maintain, a DOD Top Secret security clearance as a condition of continued employment. Additional clearances may also be required for certain government programs

Preferred

The ideal candidate will have a BS degree in Software Development, Computer Engineering, Computer Science, or other similar STEM related degree, to include 9 years of experience in Cyber Protection
Technical computer/network knowledge and understanding of common computer hardware, software, networks, communications and connectivity
Experience conducting full-scope assessments and penetration tests including: social engineering, server & client-side attacks, protocol subversion, physical access restrictions, and web application exploitation
Proficiency in the internal workings of either Linux, Unix, and/or Windows operating systems
Experience using scan / attack / assess tools and techniques
Ability and desire to learn additional Operating Systems, Computing Architectures, and Programming languages
Demonstrated experience in technical report writing
Technical certifications that support pen testing such as OSCP/OSCE/OSEE, GPEN/GXPN
Software/hardware reverse engineering for vulnerability and exploit R&D
RTOS experience (Integrity, Nucleus, VxWorks, etc.)
Experience developing, exploiting and jailbreaking GenAI and Agentic solutions
PowerPC, ARM, Xilinx FPGA, RISCx, other hardware computing development experience
Assembly language experience (any current architecture/OS)
TCP/IP MITM, spoofing, exploitation experience
Platform communications protocol expertise (ARINC 429, MIL-STD-1553, Spacewire, etc.)
Cryptanalysis and cryptosystem exploitation experience
In depth understanding of layer 2-7 communication protocols, common encoding and encryption schemes and algorithms
Understanding of and experience either executing or defending against complex, targeted cyber threats to high-value systems and data
Active Top Secret, and/or SCI access with an SSBI completed within the past 4 years, is highly desirable

Benefits

Health insurance coverage
Life and disability insurance
Savings plan
Company paid holidays
Paid time off (PTO) for vacation and/or personal business

Company

Northrop Grumman Australia

twitter
company-logo
Northrop Grumman Australia is the Australia-based arm of Northrop Grumman Corporation and committed to generating long-term prosperity, investing in advanced Research & Development, sovereign and exportable Intellectual Property, high-quality jobs and long-term technology leadership across the Commonwealth.
location
Canberra, AU
people-size501-1000 employees
web-link
https://www.northropgrumman.com/australia

Funding

Current Stage
Late Stage
Company data provided by crunchbase