Application Security Consultant
Job Title: Application Security Consultant
Job Duration: Full Time
Job Location: Burlington, MA
Introduce customers and prospects to the use of Veracode services acting as Subject Matter Expert on Veracode solutions purchased.
Interact with a variety of customer personnel, including software developers up to security executives.
Primary tasks will include coaching/training developers and security teams on how to address/fix security issues detected within their product's code by purchased CA Veracode solutions.
Share application security best practices with client developers and provide training when requested. Demystifying security vocabulary for client developers/teams where needed.
Review and render dispositions on Client's Security Mitigation Proposals. Make recommendations as to whether their proposals will conform and address relevant security issues or propose further changes needed in their plans. Work with the Veracode product strategy team to file and track customer enhancement requests.
Participate in sales meetings as needed.
- BS/BA in Computer Science, Engineering or related field, or equivalent experience.
- 3-5 years of recent software development experience.
- Understanding of Application-level security and secure coding practices.
- Hands-on experience with common IDE's: Eclipse and/or Visual Studio.
- Client requirement gathering, prioritization and scoping experience.
- Strong technical writing skills.
- Strong oral communication skills and good presentation/teaching skills. Resource must be a strong Collaborator.
- Familiarity with as many of the following standards as possible: CVSS, CWE, OWASP, WASC and SANS-25
- Experience with source code analysis and interactive application security testing products.
- Understanding of common risk mitigation practices and technologies such as firewalls, ACLs and multi-factor access controls.
- IntelliJ, Visual Studio, Bugzilla or Jira, Hudson, Jenkins, TFS or Cruise Control
- Archer, SAML/SSO, VMware Databases, Command Shell scripting