Security Software Engineer

Security Software EngineerClearance Requirement:  Top Secret clearances; must be SCI eligibleLocation: Dahlgren, VAPosition Type: Full-Time

Overview

We are seeking a highly skilled Security Software Engineer with Red Team penetration testing expertise to support advanced cybersecurity operations within DoD environments. This role demands a deep understanding of software engineering, penetration testing tools, and secure system architecture across both Linux and Windows platforms. Candidates will contribute to offensive security operations, vulnerability assessments, and secure software development for mission-critical systems.

Minimum Qualifications

• Experience:
  • 5+ years in software engineering applied to program development, modeling, and simulation for DoD or IT systems
  • 5+ years of hands-on experience with Linux and Windows environments
• Training & Certifications:
  • COMPTIA Linux+ or FedVTE Linux+
  • Microsoft MCSA or equivalent Windows training
  • IAT Level II certification per DoD 8570.01 (or successor)
  • Penetration Testing Certification (one or more of the following):
  • Offensive Security: OSCP, OSCE, OSEE, OSWP
  • SANS: GPEN, GWAPT, GXPN, SEC642, SEC564
  • OSD Cyber Operation Academy Course (COAC) graduate

Security Clearance:

•  Top Secret clearance
•  SCI eligible

Technical Skills & Tools

• Strong working knowledge of penetration testing tools: Kali, Metasploit, NMAP, Cobalt Strike
• Programming and scripting proficiency in: Python, C, C++, C#, Go, Perl, Powershell
• Web development and testing: PHP, ASP, Java, HTML, SQL/NoSQL, RESTful/SOAP APIs
• Enterprise technologies:
• NSX, vCenter, vRealize Suite, Horizon View
• PAN-OS, FirePower, Nexus, IOS, ASA
• ONTAP, SnapMirror, Active Directory, Entra ID (Azure AD), SSO, MFA
• Microsoft 365 hybrid environments
• Automation: Powershell, PowerAutomate, Logic Apps, Graph API
• AWS services: EC2, S3, KMS, RDS; serverless and microservice architecture
• Security protocols: OAuth2, SAML, LDAP
• Experience with Palo Alto, Cisco, VMWare, NetApp, and Microsoft products

Core Responsibilities

• Conduct Red Team operations and penetration testing in MDE environments
• Debug and reverse engineer software and analyze system logs (Windows Events, Linux syslog, boot logs, dmesg)
• Identify and mitigate vulnerabilities in compiled and source code
• Operate and administer systems running HP-UX, UNIX, Solaris, Linux, and Windows
• Apply DISA STIGs and NSA encryption technologies
• Design and implement deceptive technologies (e.g., honeypots)
• Perform static source code analysis and participate in code reviews
• Author recommendations for secure software design and contribute to SSAOM documentation
• Integrate and manage identity and access across hybrid environments using Entra ID
• Extend on-premises Active Directory with cloud identity solutions
• Conduct security research leading to CVE publication
• Participate in Capture the Flag (CTF) exercises (e.g., DEFCON, Hack the Box, OTW)