Cyber Security Engineer

Job Description

Company: Blue Iris Tech Consulting, Inc.

Location: Fort Belvoir, US

About the Company

Blue Iris Tech is an 8(a) / Economically Disadvantaged Woman Owned Small Business(EDWOSM) that has the worked with several government agencies to include Veteran Affairs (VA), Defense Health Agency (DHA), Defense Threat Reduction Agency (DTRA), Defense Logistics Agency (DLA), US Department of Agriculture (USDA), National Geospatial Intelligence Agency (NGA), and Internal Revenue Service, along with continuing to expand in different government agencies.

About the Role

The role involves designing, developing, testing, and maintaining offensive cyber capabilities and mission-focused software solutions supporting Computer Network Operations (CNO).

Responsibilities
• Design, develop, test, and maintain offensive cyber capabilities and mission-focused software solutions supporting Computer Network Operations (CNO).
• Develop custom tools, payloads, exploit frameworks, and Beacon Object Files (BOFs) for operational use.
• Conduct vulnerability research, exploit development, and n-day weaponization targeting Windows, wireless, and mobile (Android/iOS) platforms.
• Support cyber-enabled close access operations through capability development and operational integration.
• Perform reverse engineering, binary analysis, and malware analysis on applications, protocols, and operating systems.
• Develop and maintain Windows-based offensive tooling using C, C#, Win32 APIs, and low-level system programming techniques.
• Research and develop methods for bypassing security mitigations including NX, ASLR, and advanced exploit protection mechanisms.
• Conduct dynamic analysis and debugging using industry-standard debuggers and reverse engineering tools.
• Develop and integrate offensive capabilities within C2 frameworks, including Cobalt Strike and similar platforms.
• Support AV/EDR evasion research, testing, and implementation activities.
• Develop and maintain Windows kernel modules and other low-level operating system components as required.
• Analyze network protocols and communication mechanisms to support cyber operations and exploit development.
• Collaborate with operators, analysts, and engineers to support mission objectives and operational requirements.
• Participate in Agile/Scrum software development activities including sprint planning, code reviews, testing, and technical documentation.
• Ensure all developed capabilities meet operational security, performance, and mission requirements.
• Maintain technical documentation, testing artifacts, and operational support materials.
• Stay current with emerging cyber threats, exploit techniques, malware trends, and offensive cyber technologies.

Qualifications
• Active TS/SCI Clearance.
• Must have 3+ years of experience as a software developer.
• Proficient in C, C#, and BOFs (Beacon Object Files).
• Must demonstrate expertise supporting cyber-enabling close access operations.
• Demonstrated experience with vulnerability research, exploitation, and n-day weaponization against wireless and mobile (Android/iOS) targets.
• Must pass the DCART Senior Developer aptitude test prior to joining DCART as an Operator.

Required Skills
• 1+ years of experience in offensive capability development for Windows environments.
• 1+ years of experience working in Agile/Scrum environments.
• Experience with C2 frameworks, especially Cobalt Strike.

Experience with:
• Host-based computer forensics
• Network-based forensics
• Cyber incident response
• Cyber-criminal investigations
• Intrusion detection and analysis
• Designing countermeasures and mitigations against exploitation of programming language weaknesses and vulnerabilities
• Cyber red teaming
• Network penetration testing
• Security Operations Center (SOC) analysis
• Defensive cyber operations
• Offensive cyber operations
• Experience with malware development, malware analysis, binary disassembly, binary decompilation, network/communication protocol analysis, software vulnerability research, or software exploit development.
• 3–5 years of software development industry experience.
• Experience developing Windows kernel modules.
• Strong familiarity with Windows Active Directory.
• Experience developing exploits, shellcode, and bypassing mitigations such as non-executable stack (NX), ASLR, and advanced exploit mitigation techniques.
• Strong familiarity with Windows API/Win32 modules for tool development.
• Ability to conduct dynamic analysis using debuggers.
• Expertise in AV/EDR evasion techniques.

Preferred Skills
• Experience with offensive cyber operations.
• Experience with advanced exploit techniques.

Pay range and compensation package

The pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other laws.

Benefits Include:
• Medical, Dental, and Vision Insurance
• Federal Holidays
• Paid Time Off (PTO)
• Professional development and training opportunities
• Flexible work options (if applicable)
• 401K (coming soon)

Application Process

Interested candidates should submit their resumes to info@blueiristech.com or via the portal you are seeing this position. Applications will be reviewed on a rolling basis until the position is filled.

Equal Opportunity Statement

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.

Source: LinkedIn