Virtualization-Savvy CNO Developer

📋 Description

• • GRVTY is searching for a Virtualization-Savvy CNO Developer who will architect, build, and harden next-generation cyber capabilities that run seamlessly inside virtualized and cloud-native environments. You will be the technical linchpin between offensive cyber operations (CNO) and virtualization engineering, translating red-team tradecraft into stable, scalable, and stealthy tools that operate where traditional binaries cannot.
• • Own the full lifecycle of custom implants, payloads, and post-exploitation modules that are purpose-built for VMware ESXi, Hyper-V, KVM/QEMU, and emerging container runtimes. From initial concept and threat-modeling to low-level hypervisor API abuse and final integration with orchestration platforms, you will ensure every line of code is optimized for persistence, evasion, and minimal forensic footprint.
• • Reverse-engineer proprietary hypervisor interfaces, undocumented CPU instructions, and nested paging mechanisms to discover novel attack surfaces. You will author white-papers and internal playbooks that map these discoveries to practical exploit primitives, giving GRVTY’s federal and commercial clients a decisive edge in red vs. blue exercises.
• • Design and maintain a secure CI/CD pipeline that cross-compiles implants for Windows, Linux, and custom OS kernels running on Type-1 and Type-2 hypervisors. You will embed static analysis, symbolic execution, and hardware-in-the-loop testing to guarantee reliability across ESXi 6.x–8.x, Hyper-V 2019/2022, and KVM distributions used by Fortune 100 enterprises.
• • Collaborate with cloud-security architects to extend CNO tooling into AWS Nitro, Azure Hyper-V Fabric, and Google Shielded VMs. Your code will bridge the gap between on-prem virtualization stacks and elastic cloud substrates, enabling red-team campaigns that pivot from bare-metal to serverless functions without detection.
• • Mentor junior developers and reverse engineers through pair-programming, code reviews, and monthly tech talks. You will curate an internal knowledge base of virtualization internals, exploit mitigations, and defensive countermeasures, ensuring GRVTY’s collective expertise remains at the cutting edge of the industry.
• • Interface directly with federal program managers and Fortune 500 CISOs to translate mission objectives into technical requirements. You will brief stakeholders on TTPs, risk trade-offs, and mitigation strategies, positioning GRVTY as the trusted partner for high-stakes cyber operations.
• • Contribute to open-source virtualization projects (e.g., QEMU, libvirt, Firecracker) under GRVTY’s responsible disclosure policy. Your commits will enhance community security while providing GRVTY with upstream influence and early insight into emerging hypervisor features.
• • Continuously evaluate emerging hardware technologies—Intel TDX, AMD SEV-SNP, ARM CCA—and prototype implants that leverage confidential computing gaps before they reach mainstream adoption. You will publish findings at conferences such as Black Hat, DEF CON, and OffensiveCon, elevating GRVTY’s brand as an innovation leader.
• • Maintain a rigorous OPSEC posture: compartmentalized dev environments, encrypted code repositories, and zero-knowledge build systems. You will lead quarterly red-team tabletop exercises to validate that GRVTY’s own infrastructure remains resilient against the very techniques you create.