As Cigital engages with clients in the application of our software security improvement methodologies, the Associate Security Consultant joins in the execution and delivery of planned project deliverables and milestones that assist clients in learning, understanding, and applying Cigital’s secure software development methodologies. The Consultant typically has task responsibility within one project and develops the capability to perform tasks within one or more of Cigital’s security practices. The Consultant continuously learns and expands his/her technical competence. Consultants do some work from headquarters, but often go on site to help customers exterminate bugs and untangle the flaws that make their systems insecure. Our consultants make themselves and their team indispensable advisors to our customers: they build the relationships that help create and identify follow-on assignments.
Roles may include:
• Source Code Analysis
• Software Penetration Testing
• Architecture Security Analysis
• Secure Software Design and Architecture
• Application Reverse Engineering
• Network Security Analysis
• Database Security Analysis
• Technical skills
o Familiarity with software security weakness, vulnerability and secure code review a plus
o Familiarity with software attack and exploitation techniques a plus
o Familiarity with at least one software programming language and framework a plus
• Consulting skills
o Ability to interface with clients, utilizing consulting and negotiating skills
o Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action
• Team-oriented skills
o Ability to collaborate with project team members, take direction from the project lead and execute tasks consistently
o Written communication skills for use in preparing formal documentation.
o Verbal skills that include the ability to clearly articulate thoughts and to deliver presentation and training to all levels of management
o Ability to persuade
o Enthusiasm and commitment along with professional interpersonal skills and an entrepreneurial drive
o Willingness to travel 20-50%
Education and Experience:
• BS in CS, Engineering or equivalent. MS preferred.
• Experience with C/C++, .NET, Java, multiple OS and RDBMS
• Experience conducting secure code review a plus
• Experience conducting reverse engineering a plus
• Experience performing web application penetration testing a plus
• Consulting experience a plus
• Experience using static code analysis tools (Fortify, AppScan Source, FxCop, CAT.NET, etc.) a plus
& Work Location:
is based in Dulles, Virginia, with offices in New York, San Francisco, Boston,
Bloomington, Chicago, London, Amsterdam, and clients worldwide. We offer a competitive salary, equity
compensation, and benefits.
Cigital is one of the world’s largest application security firms. For over 20 years, we’ve been helping organizations secure the...