Senior CNO Software Engineer - OS, Hypervisor, UEFI/...

Job DescriptionJob Description SummaryDraper’s Offensive Cyber Security Group is looking for a CNO Software Engineer to develop tailored solutions to meet our DoD and IC Sponsor directives. Our organization's not-for-profit status ensures a capability-driven focus on the United States of America's interests that allows us to address some of our Nation's most pressing challenges. Due to the variety of USG organizational needs, our technical efforts and opportunities vary from conventional cyber operations enablement tooling to embedded vulnerability research and exploit development on a wide range of devices and systems.Job DescriptionAssess hardware and software for security vulnerabilities using a breadth of technologies and techniques.Develop software that meets behavior and security requirements for tailored tegrate software capabilities with other tasks or groups to improve performance or behavior requirements.Create new tools and systems to detect and exploit vulnerabilities and system weaknesses.Document nominal application and system functionality, in addition to implemented changes.Drive solutions to complex problems with limited direction – contribute to requirements development, propose ways forward, and adapt appropriately to changes in requirements.Provide insight and suggest design modifications based on analysis outcomes, and apply analysis techniques across a range of technical disciplines.Identify program/system-level technical risks and develop and execute mitigation strategies.Actively mentor less experienced engineers and provide thoughtful, constructive feedback.Adopt a curiosity-driven approach to solving complex, customer-driven problems as part of a multi-disciplinary team.Collaborate and communicate effectively and openly with multi-disciplinary program team members, program leadership, and non-technical personnel.Be a team player able to work in a fast-paced environment with the ability to balance multiple competing tasks and demands.Experience5-10 years' experience in Cybersecurity or related field is required.Additional Job DescriptionSoftware DevelopmentProficiency in developing kernel modules, drivers, or firmware for Windows, GNU/Linux, RTOS, or UEFI/BIOS.Proficiency in implementing hypervisor internals, including VM lifecycle management and hardware emulation.Proficiency in crafting custom bootloaders or firmware instrumentation for forensic data collection (e.g. UEFI).Proficiency in techniques that prevent reverse engineering and employ obfuscation or diversification.System and ArchitectureProficiency with core workings of operating systems (user mode, kernel mode, boot processes), particularly in Windows, GNU/Linux, or RTOS contexts.Proficiency in analyzing OS internals for forensic evidence extraction.Proficiency in reverse engineering closed-source hypervisors, firmware, or OS components to uncover system artifacts.Proficiency in dissecting memory management, interrupt handling, and system calls for forensic traces or anomaly detection.Forensics and Incident ResponseProficiency in capturing and analyzing memory dumps, crash reports, runtime logs from OS and hypervisor environments.Proficiency in BIOS/UEFI forensic analysis, focusing on firmware modifications, bootkits, or tampered configurations.Proficiency in utilizing system internals to identify persistence mechanisms, hidden processes, or kernel-level rootkits.and DevelopmentProficiency with programming and their build systems such as: C, C++, Python, GoLang, Rust.Proficiency with software version control systems.Leadership and BusinessSuccessful history in authoring technical proposals and documents.Leadership in advanced R&D initiatives, including government-funded projects.Leadership of critical programs with more than two full time staff members.Proficient in teamwork and communication with diverse audiences.Applicants selected for this position will be required to obtain and maintain a government TS/SCI security clearance #J-18808-Ljbffr

Created: 2025-09-17