This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Senior Security Consultant, Cigital

From OWASP
Jump to: navigation, search

Senior Security Consultant

Position Location: San Francisco, California

Position Type: Full-time

Job Order Number: 509

Reports to: Managing Consultant

Cigital is looking for a full-time or contract Security Consultant based at our office in Santa Clara, California - to parachute in wherever software insecurity invades, and to stomp out bugs and flaws wherever they hide.

About Cigital:

Cigital, Inc. is the leading software security and quality consulting firm. Established in 1992, Cigital plans and implements initiatives to help ensure customers have secure, reliable applications. We improve how they build and deploy software, and we have fun doing it. The daily news gives you a taste of what companies face, but if you’re in our field you get to see how serious these problems really are. Whether they’re banks, TV networks, or game designers – when businesses get serious about software security, they call Cigital.

General Responsibilities:

As Cigital engages with clients in the application of our software security improvement methodologies, the Security Consultant joins in the execution and delivery of planned project deliverables and milestones that assist clients in learning, understanding, and applying Cigital's secure software development methodologies. The Consultant typically has task responsibility within one project and develops the capability to perform tasks within one or more of Cigital's security practices. The Consultant continuously learns and expands his/her technical competence. Consultants do some work from our headquarters, but often go on site to help customers exterminate the bugs and untangle the flaws that make their systems insecure. Our consultants make themselves and their team indispensable advisors to our customers: they build the relationships that help create and identify follow-on assignments.

Strong in at least one of the two below, with the ability to do the other:

• Source Code Analysis

• Software Penetration Testing

• Architecture Security Analysis

• Secure Software Design and Architecture

• Application Reverse Engineering

• Network Security Analysis

• Database Security Analysis

Qualifications:

• Technical skills

o Familiarity with software security weakness, vulnerability and secure code review a plus

o Familiarity with software attack and exploitation techniques a plus

o Familiarity with at least one software programming language and framework a plus

• Consulting skills

o Ability to interface with clients, utilizing consulting and negotiating skills

o Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action.

• Team-oriented skills

o Ability to lead multiple project teams; give directions and ensure that tasks are executed consistently

• Project Management skills

o People: You can lead a team, give direction and ensure tasks are executed consistently.

o Projects: You can demonstrate the ability to plan, execute and closeout multi-person projects

• Communication

o Written communication skills for use in preparing formal documentation, Statements of Work, proposals, white papers, and case studies

o Verbal skills that include the ability to clearly articulate thoughts, be persuasive and to deliver presentation and training to all levels of management

• Demeanor

o You are enthusiastic and committed to your work. You do this because you love it.

o You’ve got an entrepreneurial drive and want to help grow this business.

o Willingness to travel 20-50%

• Clearances

o Possession or ability to receive DOD Secret or higher clearance a plus

o US or Canadian Citizenship a plus

Education and Experience:

• BS in CS, Engineering or equivalent. MS preferred.

• Experience with C/C++, ASP.NET, Java, J2EE, multiple RDBMS

• Experience with other languages (e.g. JavaScript, Python, Ruby, PHP, Perl, COBOL, SQL, or Assembly) (Desired)

• Experience in with multiple OS such as Linux, Mac OSX, iOS, Blackberry, Android, or Windows (desired)

• Consulting experience highly desired

Compensation & Work Location:

• Cigital is based in Dulles, Virginia, with offices in New York, San Francisco, London, Amsterdam, and clients worldwide. We offer a competitive salary, equity compensation, and benefits.

To apply visit http://www.cigital.com/careers/jobs/?job=sr-security-consultant-sf