Cyber Tool Developer

Job Description

Job Title: Cyber Tool Developer

Job Location: Coronado, CA

Required shift coverage: DAY SHIFT (07:30 AM/0730 - 4:00 PM/1600)

Last day to apply: 24-Oct-2023

Job Type: Remote

ANGARAI - Project Management firm based out of College Park, MD.

ANGARAI is a professional management firm that is driven by excellence. We provide ample opportunities for growth in a challenging, yet closely-knit atmosphere. Our key focus is on providing holistic solutions that is a win-win for both the Client (State, Federal, or Private) and us.

Job Description:

ANGARAI is seeking a professional Cybersecurity Tool Developer for a client project.

Roles and Responsibilities:

Analyze the results from automated assessment tools to validate findings, determine their business impact, and eliminate false positives.

Use commercial and open source network cyber assessment tools (e.g. Core Impact, Nmap, Metasploit, and Nessus).

Manually discover key application flaws.

Research various cyber actors' TTPs, organizational structures, capabilities, personas, and environments, and integrate findings into Cyber Blue Teaming or penetration test operations.

Develop and utilize testing methodology for threat emulation and vulnerability validation.

Provide support to working groups, planning groups, operational planning teams, conferences, table top exercises, war games and operational experiments.

Contribute findings to Blue Team reporting.

Understand Navy networks for compliance with applicable DOD and Navy instructions and directives.

Liaise with various DOD components concerning web vulnerability scanning and compliance guidelines and issues.

Minimum Qualifications and Experience:

Must possess a minimum of five (5) years of experience in providing highly technical subject matter expertise and expert guidance to government personnel in the execution of operations and demonstrated experience in at least five of the following areas:

Hands-on experience performing Penetration Tests and Vulnerability Analysis for applications, network infrastructure and operating system infrastructures.

Create or develop scripts that generate findings or reports by ingesting data from data sets taken during assessments and utilizing proven/formal processes, industry standards, and tools to include but not limited to: Perl, Shell, or other scripting/coding languages.

Recommend solutions by defining database's physical structure and functional capabilities, database security, back-up and recovery specifications

Conduct system or database performance monitoring and tuning

Conduct training programs for staff on current and newly developed cyber tools.

Work closely with an internal cross-functional team to create and/or customize themes, plugins, and extensions to support vulnerability discovery and reporting.

Designs and implements new Stored Procedures and optimizes existing processing and publishing codes to improve performance and system stability

Identifying mission area-related concepts and technologies for examining technology, including protocols, languages, clients, and server architectures, from the attacker's perspective.

Developing and supporting development of Navy mission areas-related operational concepts, tactics, and experimental concepts and technologies.

Provide subject matter expertise and guidance utilizing tools and techniques to conduct cyber vulnerability assessments of public facing IP addresses.

Familiarity with National Institute of Standards and Technology (NIST) Special Publications.

Possess a number of technical certifications, or similar, from the following list:

Bachelor's or Master's in Cyber, Computer Science or related Engineering discipline

Offensive Security Certified Professional (OSCP)

CompTIA Advanced Security Practitioner (CASP+)

Linux +

GIAC Penetration Tester (GPEN)

Certified Ethical Hacker (CEH) certification

GCFE - Windows Forensic Analysis

GCFA - Advanced Digital Forensics, Incident Response, and Threat Hunting

GNFA - Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response

Have a working level ability with one of the below programing languages :Python, Javascript, SQL

Familiarity with Navy Information System Architecture.