This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Complete Posting Senior Security Consultant

From OWASP
Jump to: navigation, search

Senior Security Consultant


Position Location: Dulles, VA and NYC

Position Type: Full-time Employee

Reports to: Managing Consultant

Cigital is looking for experienced senior consultants who are deep-rooted in software security architecture analysis, assessment, design and development. Ideal candidates should have a consulting background, enterprise software development experience and often be considered the go-to person in their peer group. Expectations include: superior technical knowledge of software and software development lifecycle including security, controls, programming environments and risk management; project execution against milestones; team leadership, mentorship and teaching ability; and, ability to help grow engagements through meaningful identification of add-on and follow-on opportunities. A Senior Consultant has task responsibility within one or more projects, typically at one client.

Responsibilities

• Team leadership and mentorship

• Software security/risk/controls assessment, requirements definition, testing & solutions

• Code analysis (security or otherwise)

Requirements

• Technical Skills

– Demonstrated software development and implementation using J2EE/Java or .NET programming environments (C#, VB.NET, ASP.NET, etc.

– Ability to perform structured analysis of software architectures and define solutions

– Understanding of OS, DBMS and computer language compiler architectures

– Experience with assessment, design and implementation of software development methodologies (e.g., Waterfall, RUP and Agile)

• Consulting skills

– Ability to interface with clients, utilizing consulting and negotiating skills

– Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action

– Ability to provide pre-sales/post-sales technical support

• Project leadership

– Ability to define and lead a project, and execute tasks consistently

– Ability to collaborate with, mentor and guide project team members

– Ability to provide leadership as an SME (Subject Matter Expert) in one or more domains • Communication Skills

– Ability to articulate thoughts, deliver presentations and training, written and verbal

• Demeanor

– Creativity, drive, enthusiasm and commitment to professional services

Education and Experience

• BS in Computer Science/Engineering or equivalent. (Master’s a major plus)

• Hands-on experience with Java or .NET; broad OS and DBMS experience

• 5+ years enterprise software architecture, security and development lifecycle experience including 2 years experience in security risk assessment. (Will accept Master’s plus 3 years.)

• Hands-on experience with Static Analysis tools and variety of security technologies

• CISSP, CISA, CISM, GSEC or other certification(s) a major plus

• Management consulting experience (e.g., “Big 4”) a major plus