Professional Services Consulting, Sr Staff Consultant

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

At Black Duck, Our Software Security and Quality business is all about building secure software—faster. That starts with our static analysis, software composition analysis, and dynamic analysis. So our customers can build security and quality into the DNA of their code at any stage of the software development lifecycle and across the supply chain. All while minimizing risks and maximizing speed of application development.

Professional Services Consulting, Senior Staff Consultant

We’re looking for a for a full-time Senior Security Staff Consultant to parachute in wherever software insecurity invades and to stomp out bugs and flaws wherever they hide.

Does this sound like a good role for you?

• In this role, you will join in the execution and delivery of planned project deliverables and milestones that assist clients in learning, understanding, and applying our secure software development methodologies.
• You will typically have task responsibility within one project and develop the capability to perform tasks within one or more of our security practices & continuously learn and expand your technical expertise.
• Some work is from the office, but you will often go on site to help customers exterminate the bugs and untangle the flaws that make their systems insecure.

Our Consultants make themselves and their team indispensable advisors to our customers: they build the relationships that help create and identify follow-on assignments.

Responsibilities include but not limited to the following:

• Secure code Analysis and Review
• Software/Application Penetration Testing
• Network Penetration Testing
• Architecture Security Analysis and Threat Modeling
• Secure Software Design, Architecture, and Engineering
• Software/Application Reverse Engineering
• Red Team Analysis (including network, wireless, physical, and social engineering techniques)
• Database Security Analysis
• Cloud Pen testing ( WS , Azure etc)

Technical Skills

• Experience with web application penetration testing
• Familiarity with software security weakness and vulnerabilities
• Experience in performing source code review
• Experience in network penetration testing
• Working understanding of one scripting language
• Experience in reverse engineering is a plus
• Familiarity with at least one software programming language and framework is a plus

Consulting Skills

• Ability to interface with clients, utilizing consulting and negotiating skills
• Ability to undertake and complete tasks autonomously
• Meet schedules and delivery timelines, and to move swiftly from concepts and theory to action
• Enthusiasm and commitment
• Professional interpersonal skills and an entrepreneurial drive
• Written communication skills for use in preparing formal documentation.
• Verbal skills that include the ability to clearly articulate thoughts and to deliver presentations.
• Willingness to travel 20-50%

Key Qualification

• Bachelor’s Degree in Computer Science, Engineering or equivalent. Master’s Degree preferred
• Any relevant certifications such as CISSP, CEH etc. is a plus

Preferred Experience

• 6 to 10 yrs. of work experience in relevant role

Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.