Exploit Developer/Penetration Tester 2/3 jobs in United States
cer-icon
Apply on Employer Site
company-logo

Northrop Grumman · 3 days ago

Exploit Developer/Penetration Tester 2/3

positionVA
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$92K/yr - $138K/yr
date6+ years exp

Northrop Grumman is a leader in technological advancements and is seeking an Exploit Developer/Penetration Tester to join their Cyber Assessment Tiger Team. The role involves conducting penetration testing, developing exploits, and improving the security of various systems to ensure mission success for their customers.

AerospaceData IntegrationManufacturingRemote SensingSecurity
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Code analysis & hardware/binary reverse engineering to identify functionality and vulnerabilities on hardware & software including avionics and embedded systems
Evaluate system security configurations for effectiveness and exploitation opportunities
Develop and execute complete adversarial cyber testing scenarios against components, applications, operating systems, or complete integrated systems
Contribute to the design, development, implementation, and integration of Offensive Cyber Operations tools against platforms, payloads & systems
Contribute to the design, development, implementation, and integration of system Cyber Survivability Attributes
Contribute to the preparation and presentation of technical reports and briefings
Continually improve the knowledge and capabilities of yourself & the greater team

Qualification

Cyber SecurityPenetration TestingExploit DevelopmentSoftware DevelopmentReverse EngineeringLinuxWindowsCPythonTCP/IPCryptanalysisTechnical CertificationsAssembly LanguageTechnical Report WritingSoft Skills

Required

For level 2: a minimum of High School Diploma, or a GED, and 6 years of experience with Cyber Security, Red Team, Penetration Testing, or Exploit Development is required
For level 3: a minimum of High School Diploma, or a GED, and 9 years of experience with Cyber Security, Red Team, Penetration Testing, or Exploit Development is required
Must have experience in software development to support penetration testing, including vuln dev, R/E tool modules, covert tunneling, scanning scripts, and passive collection
Must have 2 years of experience in at least three (3) of the following languages: C, C++, C#, Python, Ruby, Rust, Bourne/Bash, PowerShell, Visual Basic, Go, PHP, Javascript, HTML
Must be willing to travel domestically and internationally (up to 25% per year)
Must have the ability to obtain, and maintain, a DOD Top Secret security clearance as a condition of continued employment. Additional clearances may also be required for certain government programs

Preferred

The ideal candidate will have a BS degree in Software Development, Computer Engineering, Computer Science, or other similar STEM related degree, to include 9 years of experience in Cyber Protection
Technical computer/network knowledge and understanding of common computer hardware, software, networks, communications and connectivity
Experience conducting full-scope assessments and penetration tests including: social engineering, server & client-side attacks, protocol subversion, physical access restrictions, and web application exploitation
Proficiency in the internal workings of either Linux, Unix, and/or Windows operating systems
Experience using scan / attack / assess tools and techniques
Ability and desire to learn additional Operating Systems, Computing Architectures, and Programming languages
Demonstrated experience in technical report writing
Technical certifications that support pen testing such as OSCP/OSCE/OSEE, GPEN/GXPN
Software/hardware reverse engineering for vulnerability and exploit R&D
RTOS experience (Integrity, Nucleus, VxWorks, etc.)
Experience developing, exploiting and jailbreaking GenAI and Agentic solutions
PowerPC, ARM, Xilinx FPGA, RISCx, other hardware computing development experience
Assembly language experience (any current architecture/OS)
TCP/IP MITM, spoofing, exploitation experience
Platform communications protocol expertise (ARINC 429, MIL-STD-1553, Spacewire, etc.)
Cryptanalysis and cryptosystem exploitation experience
In depth understanding of layer 2-7 communication protocols, common encoding and encryption schemes and algorithms
Understanding of and experience either executing or defending against complex, targeted cyber threats to high-value systems and data
Active Top Secret, and/or SCI access with an SSBI completed within the past 4 years, is highly desirable

Benefits

Health insurance coverage
Life and disability insurance
Savings plan
Company paid holidays
Paid time off (PTO) for vacation and/or personal business

Company

Northrop Grumman

twittertwittertwitter
Glassdoor4.0
company-logo
Northrop Grumman is an aerospace, defense and security company that provides training and satellite ground network communications software.
dateFounded in 1994
location
Falls Church, Virginia, USA
people-size10001+ employees
web-link
https://www.northropgrumman.com

Funding

Current Stage
Public Company
Total Funding
$3.7B
Key Investors
U.S. Department of DefenseNASA
2025-05-27Post Ipo Debt· $1B
2024-01-29Post Ipo Debt· $2.5B
2023-12-20Grant· $72M

Leadership Team

leader-logo
Tom Wilson
Corporate Vice President, Enterprise Business Development
linkedin
leader-logo
Jeffrey Worsham
Chief Product Owner - Advanced Technology Development
linkedin

Recent News

Investing.com
US stock futures dip; defense firms climb up Trump budget plans
2026-01-09
Benzinga.com
Stock Market Today: S&P 500, Dow Jones Futures Decline — AZZ, Northrop Grumman, Immuneering In Focus
2026-01-09
Investing.com
Alphabet, Nvidia and Lockheed Martin rise premarket; Alcoa falls
2026-01-09
Company data provided by crunchbase