We are seeking a Senior Cyber Capability Developer to join a high-impact cybersecurity team supporting a Federal Law Enforcement client. This position combines offensive security techniques, secure software analysis, and reverse engineering to assess critical law enforcement systems. The ideal candidate will bring expert-level experience in static/dynamic code analysis, container and cloud security, and threat emulation in support of FBI mission systems. This position is hybrid supporting a Clarksburg, WV program and requires an active Top-Secret clearance.

 Essential Duties & Responsibilities:

Perform secure code reviews, binary reverse engineering, and software vulnerability assessments on FBI systems and applications. Conduct static and dynamic analysis on source code and compiled binaries using a range of scanning tools and manual methods. Support CJIS Security Assessments & Authorizations (SA&A) by testing conformance to FBI security standards, including FISMA and NIST 800-53 controls. Utilize automated and manual tools to analyze containers, infrastructure-as-code (IaC), web services, and open-source packages. Develop custom scripts, tooling, and frameworks to support penetration testing and software analysis workflows. Identify and document vulnerabilities, recommend remediation strategies, and support CJIS teams during incident response or red-teaming. Brief findings and provide technical guidance on secure development practices and OWASP Top 10 Maintain working knowledge of adversarial threat tactics, techniques, and procedures (TTPs

Required Skills & Experience 

Expert-level experience with tools such as: Burp Suite, OWASP Zap, Coverity, Black Duck, Trivy, Checkov, Red Hat ACS for Kubernetes Source code analysis in: C, C++, Java, Python, Bash, PowerShell, JavaScript, Objective C Experience with CI/CD integration, secure DevOps pipelines, Bitbucket, Bamboo Strong understanding of reverse engineering, malware analysis, and binary unpacking Familiarity with vulnerability and configuration scanning tools: Tenable, BigFix, Defender for Endpoint Active TS clearance required.

Desired Skills & Experience 

Six + years of experience Masters degree.  Additional years of experience in lieu of degree will be considered COMPTIA Security+, Certified Ethical Hacker (CEH), or equivalent credential Experience supporting federal assessment & authorization (A&A) or penetration test engagements Understanding of cloud-native security controls for AWS and Kubernetes environments Knowledge of hardware/firmware analysis, dynamic taint analysis, or memory forensics Experience leading briefings and technical write-ups for security accreditation, audit, or red team reviews

Application Deadline:  9-5-2025

# CJPOST #LI-SA

 

The SMX salary determination process takes into account a number of factors, including but not limited to, geographic location, Federal Government contract labor categories, relevant prior work experience, specific skills, education and certifications. At SMX, one of our Core Values is to Invest in Our People so we offer a competitive mix of compensation, learning & development opportunities, and benefits. Some key components of our robust benefits include health insurance, paid leave, and retirement.

The proposed salary for this position is:$95,600—$159,300 USD

 

At SMX®, we are a team of technical and domain experts dedicated to enabling your mission. From priority national security initiatives for the DoD to highly assured and compliant solutions for healthcare, we understand that digital transformation is key to your future success.

We share your vision for the future and strive to accelerate your impact on the world. We bring both cutting edge technology and an expansive view of what’s possible to every engagement. Our delivery model and unique approaches harness our deep technical and domain knowledge, providing forward-looking insights and practical solutions to power secure mission acceleration.

SMX is an Equal Opportunity employer including disabilities and veterans.

Selected applicant may be subject to a background investigation and/or education verification.