Exploit Developer with Security Clearance

This position is contingent upon contract award. Valiant is seeking to conditionally hire an Exploit Developer to perform vulnerability assessments on Department of Defense communications systems. The Exploit Developer shall be responsible for creating new and innovative tools for Red Cyberspace Operators to use in cyber assessment operations of U.S. Government and DoD critical networks. RESPONSIBILITIES • Conducting open-source research on cyber related vulnerabilities and exploitation development. • Reverse engineering source code to develop exploits. • Performing code review on all offensive scripts/code and shepherding them through all approval processes. • Developing, vetting, and validating exploits IAW DoD and Red Team policy and procedures prior to leveraging exploits for operations ICW technical oversight and guidance. • Keeping apprised of emerging cyber threats and attack methodologies and sharing this information with Red Team personnel to enhance cyber assessment efforts. • Analyzing operational TTPs and developing exploits and scripts to automate and improve operational processes. These products will be used to better emulate adversarial threats and attacks and demonstrate and exploit vulnerabilities to sensitive mission critical networks and systems. • Documenting safe and secure usage for internally and externally developed tools IAW with Red Team policies and procedures. • Leveraging proof of concept (POC) code to build/tailor exploits for use in Command and Control (C2) tools. • Support the development and tuning of C2 tools to enhance effectiveness and reduce detection likelihood. • Conduct analysis of physical and logical digital technologies (e.g., wireless, SCADA, telecom) to identify potential avenues of access. • Conduct independent in-depth target and technical analysis including target-specific information (e.g., cultural, organizational, political) that results in access. • Monitor target networks to provide indications and warning of target communications changes or processing failures. • Must possess an active TS/SCI Top Secret clearance. • Bachelor of Science degree in computer networks, cybersecurity or related major. In lieu of a degree, commensurate experience may be substituted. • Must possess current Department of Defense Information Assurance Technical (IAT) Level III and current Department of Defense Cyber Security Service Provider (CSSP) Auditor certifications as defined and described in DoD 8570.01 and 8570.01-M. At a minimum, to satisfy the DoD IAT Level III and CSSP Auditor certifications, the candidate must have successfully completed at least one course from each of these categories: o IAT Level III CAP CASP+ CE CISM CISSP (or Associate) GSLC CCISO HCISPP o CSSP Auditor CEH CySA+ (CSA+) CISA GSNA CFR PenTest • Senior-level knowledge of computer networks, industrial control systems, radio, wireless, and other communication systems. • Significant experience working hands-on with computer network modeling software and computer network vulnerability/compliance analysis software. • Strong proficiency in the Microsoft Office Suite of tools. • Ability to follow written and verbal instructions with a high degree for attention to detail. • Ability to prioritize work and complete multiple tasks under deadlines. • Excellent reasoning, communication, and problem-solving skills. • Ability to interact with employees from other departments or groups. • Must be capable of transporting and lifting 40-pound boxes of documents and equipment. • Must be able to travel unaccompanied to foreign and domestic locations. • Place of performance: Lorton, Virginia • Travel: All positions on an assessment team are deployable and must: Be able to travel on short notice, work non-standard hours and take on-call duty and have (or obtain) a passport. • Travel is 25% or greater and includes travel to national and international locations Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled

Created: 2025-11-15