You are viewing a preview of this job. Log in or register to view more details about this job.

Offensive Cybersecurity Intern

Draper
Email

Draper’s Offensive Cyber Security Group is looking for a CNO Software Engineer Intern to work with senior team members and help develop tailored solutions to meet our DoD and IC Sponsor directives. Due to the variety of USG organizational needs, our technical efforts and opportunities vary from conventional cyber operations enablement tooling to embedded vulnerability research and exploit development on a wide range of devices and systems. Successful candidates are self-starters and team-players with a desire to learn new things and advance technology.

Job Description:

Assess hardware and software for security vulnerabilities using a breadth of technologies and techniques.

Develop software that meets behavior and security requirements for tailored applications.

Support creation of new tools and systems to detect and exploit vulnerabilities and system weaknesses.

Document nominal application and system functionality, in addition to implemented changes.

Provide insight and suggest design modifications based on analysis outcomes, and to apply analysis techniques across a range of technical disciplines.

Curiosity-driven approach to solving complex, customer-driven problems as part of a multi-disciplinary team.

Additional Job Description:

Software Development:

Familiarity with developing kernel modules, drivers, or firmware for Windows, GNU/Linux, RTOS, or UEFI/BIOS.

Familiarity with implementing hypervisor internals, including VM lifecycle management and hardware emulation.

Familiarity with crafting custom bootloaders or firmware instrumentation for forensic data collection (e.g. UEFI).

Familiarity with techniques that prevent reverse engineering and employ obfuscation or diversification.

System and Architecture:

Familiarity with core workings of operating systems (user mode, kernel mode, boot processes), particularly in Windows, GNU/Linux, or RTOS contexts.

Familiarity with analyzing OS internals for forensic evidence extraction.

Familiarity with reverse engineering closed-source hypervisors, firmware, or OS components to uncover system artifacts.

Familiarity with dissecting memory management, interrupt handling, and system calls for forensic traces or anomaly detection.

Forensics and Incident Response:

Familiarity with capturing and analyzing memory dumps, crash reports, runtime logs from OS and hypervisor environments.

Familiarity with BIOS/UEFI forensic analysis, focusing on firmware modifications, bootkits, or tampered configurations.

Familiarity with utilizing system internals to identify persistence mechanism, hidden processes, or kernel-level rootkits.

Languages and Development:

Proficiency with programming languages and their build systems such as: C, C++, Python, GoLang, Rust.