top of page

Join our Team

CAREERS

Become Part of the Cyber War

Our mission is simple: be better than the bad guys. This drive pushes us to push ourselves and unifies us to form a diverse community of security experts. We always ask questions, we always question why, we will push the envelope and have fun doing it.

Cybersecurity is Cyber-People

We believe that no amount of policy, procedure, action plans, best practices, scripts, and technology can replace the keystone of cybersecurity: people. And for us people are our secret weapon. Our culture strives to grow your career and profession because at the end of the day we are all on the same team. Flexible schedules, hot-sauce contests, and a fair amount of beer and coffee are to be expected. 

Software Developer II

Location: Quantico, VA

Schedule: Full Time

Clearance: Top Secret

Travel: None

Xyston, Inc. is an innovative growing company with a great work culture. We are looking for motivated team members to help us grow. Our mission is simple: be better than the bad guys. This drive pushes us to push ourselves and unifies us to form a diverse community of offensive security experts. We always ask questions, we always question why, we will push the envelope and have fun doing it. We believe that no amount of policy, procedure, action plans, best practices, scripts, and technology can replace the keystone of cybersecurity: people. And for us people are our secret weapon. Our culture strives to grow your career and profession because at the end of the day we are all on the same team. Flexible schedules, security conferences and a fair amount of social beverages are to be expected. TOP SECRET CLEARANCE REQUIRED WITH ABILITY TO GET TS/SCI Job Location: on-site Quantico, VA Functional Responsibilities: Designing, maintaining, and implementing GOTS software designed around a specific set of requirements or to use particular methodologies required to meet specific procedural requirements. The SD II shall design software tools that include system calls to other third-party tools and utilities specified. The SD II shall design, maintain, and implement original software applications from a high level, non-specific set of concepts provided by the government. SD II shall develop software, and application of large and complex software and systems, and web-based query and reporting systems, as well as knowledge of Information Security Systems (ISS) and security standards of Sensitive But Unclassified (SBU) and classified data. The SD II shall have knowledge of current Federal Information Security Management Act of 2002 (FISMA). The SD II shall support the unit with other duties as assigned within the scope of work Relevant Experience: a. Multiple programming languages necessary to meet a diverse set of requirements. The Contractor must be familiar with a variety of scripts, programming languages, and operating systems. Examples of relevant computer programming languages currently used to design and deploy components that include, but are not limited to: • C# • Python • PowerShell • ASP.NET • Structured Query Language (SQL) • Extensible Markup Language (XML) • Web Services Description Language (WSDL) • Angular • HTML • JavaScript • Microservices Architecture b. Identifying technical strategies to interconnect disparate software applications by authoring original software programs. c. Designing and authoring original software applications from a high level, non-specific set of concepts provided by the government d. Writing programs that achieve a desired outcome or workflow from nothing more than observation of desired outcomes, workflows, or from vague original concepts e. Producing specifications and design documentation including: o Process Flow o Class Diagrams o Sequence Diagrams o Physical Architecture o System and Web Service Interface Specifications o Data Dictionary o Data Model f. Creating project work estimates g. Implementing solutions and identify operational or management issues h. Systems designing, policy development, and database development and management, and user interface development i. Utilizing available Commercial Off The Shelf (COTS) software to the maximum extent practicable in designing software applications, avoiding implementation of a proprietary system Preferred Skills are also listed below: • C# • Python • PowerShell • ASP.NET • Structured Query Language (SQL) • Extensible Markup Language (XML) • Web Services Description Language (WSDL) • Angular • HTML • JavaScript • Microservices Architecture Minimum Education: Four (4) year college degree in software development or computer science, and five (5) years' experience of software development for systems in a production environment, or in lieu of education ten (10) years of experience of software development for systems in a production environment. Benefits: Xyston offers 100% paid Medical Care. Vision and Dental offered. 401k with 6% matching Tuition reimbursement (College and Certifications)

Embedded Systems Security Researcher/Penetration Tester

Location: Redstone Arsenal Huntsville, AL

Schedule: Full Time

Clearance: Top Secret

Travel: None

What you'll do:

Xyston is looking for someone who will provide reverse engineering, static and dynamic binary analysis, and vulnerability analysis of software on a variety of different platforms and operating systems. Additionally, he or she will need to write proof-of-concept exploits that simulate adversarial capabilities against systems, and author technical documentation of research or findings as it relates to all security mechanisms such as access control, encryption, and obfuscation.

 

The Embedded Systems Security Researcher/Penetration Tester will perform advanced level security evaluation tasks and duties in order to meet customer requirements and project deadlines.

Duties include:

  • Develop sophisticated, state-of-the-art attacks that integrate the latest attack methods against embedded products

  • Create tools to assist in project goals

  • Communicate complex vulnerabilities to both technical and non-technical client staff

  • Perform research on new attack vectors, discover new vulnerabilities, create new exploitation techniques

  • Create Proof of Concepts (PoC) exploits and documentation

What we want:

  • BA/BS in STEM related field

  • 3+ Years of C/C++ or Assembly Experience

  • Experience with ARM or MIPS architectures and processors

  • Experience with hardware debugging or interface methods including USB, SPI, JTAG, UART, or I2C

  • Experience with reverse engineering/debugging software using tools such as IDA Pro, gbd, adb, or Ghidra

  • Experience with languages such as Golang, Python, bash, etc

  • Experience in “bare metal” or driver development

  • Experience with Logic Analyzers, Software Defined Radios, Hardware Communications devices(Bus Pirate, etc..)

  • Relevant certifications such as PenTest+, Offensive Certified Security Professional (OSCP), Offensive Certified Security Expert (OSCE), Software Linux Assembly Expert (SLAE)

  • Soldering skills to remove flash chips and solder test leads

  • Knowledge of Linux and Real Time Operating Systems

 

Knowledge of security-related topics, such as authentication, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage, and so forth is expected.

 

Xyston, Inc. is committed to hiring and retaining a diverse workforce. Xyston does not discriminate on the basis of race, color, religion, creed, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. US Citizenship is required for this position.

bottom of page