We all know the benefits of job searching before we ever really need a new job, but sometimes, it’s hard to add one more thing to your life. Or you may be unsure of where to start. For candidates who hold a polygraph, an upcoming virtual career event on October 6 will get you connected with hiring managers and talent acquisition managers. You’ll have the opportunity to speak with recruiters from BlueHalo, Booz Allen, Smartronix, Deloitte, and others. The event is online and can be done from anywhere, making it possible for you to get more information on companies and job opportunities, as well as connect in text-based chats with representatives from the participating organizations. Your clearance – and your polygraph – are in demand, and it’s always important to explore all the opportunities that are available to you.
Contract Opportunities to Watch
|Aerojet Rocketdyne||NASA selects Aerojet Rocketdyne to build the Orion Main Engine (OME), the primary propulsion element for NASA’s Orion spacecraft that will be used to explore deep space. It is a single-award, indefinite-delivery/indefinite-quantity contract with firm-fixed-price orders. Under the contract, which runs through 2032 and has a maximum value of $600 million, Aerojet Rocketdyne will deliver up to 20 new OME engines for use on future Artemis missions beginning with Artemis VII, or to support other NASA-sponsored, deep space exploration missions.
The OME is a 6,000 pound-thrust bipropellant engine that is mounted on Orion’s European Service module and will be built at Aerojet Rocketdyne’s Los Angeles, CA and Redmond, WA facilities. The engine is used for major maneuvers in space, such as entering and departing lunar orbit, and in some mission abort scenarios. The first six Orion missions will use refurbished Orbital Maneuvering System engines (OMS-E) that were provided by Aerojet Rocketdyne for the space shuttle program.
“Having originally designed and developed the OMS-E for the shuttle program, Aerojet Rocketdyne understands the engine’s materials, manufacturing processes and thrust levels,” said Aerojet Rocketdyne CEO and President Eileen P. Drake. “Now we are able to incorporate modern manufacturing techniques to provide NASA with a reliable, flight-proven and affordable engine to propel the Orion spacecraft and return astronauts to the Moon. We understand this engine inside and out and are excited to develop its next generation in support of future Artemis missions.”
In addition to the main engine, Aerojet Rocketdyne also provides, under contract to Lockheed Martin, the auxiliary engines on Orion’s service module, reaction control thrusters on the crew module, OMS-E refurbishment services and the jettison motor on the spacecraft’s launch abort system. Orion’s auxiliary engines and reaction control thrusters are produced at Aerojet Rocketdyne’s facility in Redmond, WA. The jettison motor is a combined effort of the company’s facilities in Orange, VA, and Huntsville, AL.
Key Employer in the Cleared Industry
|Leidos||Growth is only possible when there have been successful leaders at the helm over the years, and Leidos continues to have leaders that put the organization on the trajectory of growth and success. Ready to join?|
Cleared Job of the Week
|Video Game Developer||While it may take time to get exactly where you want to be in the video game ecosystem, the national security industry has a lot of different opportunities for the gamers in the world. Your time spent playing games translates to a higher knowledge and understanding of what it takes for a successful video game. So, don’t discount all those hours that you’ve “invested” over the years.
But you can’t just play video games in your basement and expect to walk into a job in gaming supporting national security. Depending on whether you want to be in the design or development stage of a project, you’ll want to plan your education options accordingly. If you want to be on the programming side, you’ll need the typical degree in engineering or computer science. And without gaming specific education, it will take a few years to work your way into this niche role. And for the design side, there’s work for instructional designers and graphic artists. So decide whether you want to be on the visual side or creating storyboards and puzzles.
As video games grow more complex, more people are needed to work on them, which means that new opportunities will be out there in this field. So, take your love of gaming and your clearance, and get paid to do something you love – all while supporting national security.
DARPA has a new program that will seek to push secure system design by developing ways to stop cyber attackers’ from executing unintended computations on critical systems. While much attention is paid to detecting and remedying flaws or vulnerabilities in software, the way a system is designed can also create large opportunities for attackers. System designers primarily focus on ensuring a program is adept at executing a specific task, focusing on how a design can best support intended features and behaviors and on how they will be implemented within the design. Attackers have also discovered that these design structures and implementation behaviors can be repurposed for their own malicious purposes. Unexpected – or emergent – behaviors that these features could exhibit are not often taken into consideration at the time of design. As a result, attackers often find that they can generate emergent behaviors by using what’s already built into a system, providing a way to exploit flaws that are several layers down. In other words, systems are unknowingly being designed in ways that support adversarial programmability and combinations of features and unprotected abstractions. These amount to embedded exploit execution engines – creating what is colloquially known as “weird machines.”
“When it comes to exploits, the common thinking is that there is a flaw in the program and then there is a crafted input that can trigger the flaw resulting in the program doing something it shouldn’t like crashing or granting privileges to an attacker,” said Sergey Bratus, a program manager in DARPA’s Information Innovation Office (I2O). “Today, the reality is somewhat different as those existing flaws aren’t immediately exposed, so an attacker needs help getting to them. This help is unwittingly provided by the system’s own features and design. Attackers are able to make use of these features and force them to operate in ways they were never intended to.”
This challenge becomes increasingly problematic when observing a class of systems that rely on similar features. When an attacker discovers an exploit on one system, this can give a big hint on how to find similar exploits for other systems that have been developed independently by different vendors but make use of similar mechanisms. This creates persistent exploitable patterns that can be used across a whole host of programs.
The Hardening Development Toolchains Against Emergent Execution Engines (HARDEN) program seeks to give developers a way to understand emergent behaviors and thereby create opportunity to choose abstractions and implementations that limit an attacker’s ability to reuse them for malicious purposes, thus stopping the unintentional creation of weird machines. HARDEN will explore novel theories and approaches and develop practical tools to anticipate, isolate, and mitigate emergent behaviors in computing systems throughout the entire software development lifecycle (SDLC). Notably, the program aims to create mitigation approaches that go well beyond patching. At present, patches tend to only address a particular exploit and do not disrupt the underlying exploit execution engine residing at the design-level.
HARDEN will also focus on validating the generated approaches by applying broad theories and generic tools to concrete technological use cases of general-purpose integrated software systems. Potential evaluation systems include the Unified Extended Firmware Interface (UEFI) architecture and boot-time chain of trust, as well as integrated software systems from the Air Force and Navy domains, such as pilots’ tablets.
“There are many ways to theorize about addressing these challenges, but the test of the theory is how it will apply to an actual integrated system that we base trust on, or want to base trust on. We want to ensure we’re creating models that will be of actual use to critical defense systems,” noted Bratus.
Interested proposers have an opportunity to learn more about the HARDEN program during a Proposers Day on September 30.