Listing Description
Job Description
As attackers grow ever more sophisticated, red teams need the support of attack-minded software developers to deliver the tools necessary to emulate real threat actors. In order to maintain our status as one of the world’s top red teams, Mandiant needs software developers that can innovate new attacker tactics and tools.
A successful Red Team software developer at Mandiant should possess a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not your typical software developer position; we need developers with the Red Teamer mentality. If you can apply your offensive security expertise to develop tools tailored to the unique needs of the Mandiant red team, then you’re the type of developer we’re looking for.
You are expected to quickly assimilate new information and problem-solve, as you will face a wide variety of technical challenges associated with red team engagements, from automating exploitation tasks to developing scalable command & control protocols. You will get to work with some of the best red teamers in the industry, causing you to develop new skills as you progress through your career. Are you up to the challenge?
Responsibilities
- Develop reliable malware implants and stealthy command & control protocols.
- Develop scripts, tools, and methodologies to enhance Mandiant’s red teaming processes.
- Assist with red team exercises, network penetration tests, and web and mobile application tests to maintain an understanding of what tooling the team needs.
- Recognize and safely utilize attacker tools, tactics, and procedures.
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
- Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff.
Qualifications
Software Development Skills; with 3+ years in at least 3 of the following:
- Frontend and backend web application development
- Preferred Frontend Framework: Vue.JS
- Preferred Backend Languages: Go, Python
- Developing CLI applications in Go, Python, or C#
- Windows, macOS, or Linux post-exploitation capability development in C , C++, or Objective-C
- In-memory capability development for Windows, macOS, or Linux (shellcode, reflective loaders, etc.)
- Evasive Windows shellcode loader development
Information Security Skills; with 3+ years in at least 2 of the following:
- Source code review for control flow and security flaws
- Network penetration testing and manipulation of network infrastructure
- Mobile and/or web application assessments
- Mastery of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell
- Reverse engineering malware, data obfuscators, or ciphers
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute