Application Security Consultant


Burlington, MA

Industry: Technology


Less than 5 years

Posted 157 days ago

  by    Vinay Kumar

This job is no longer available.

Job Title: Application Security Consultant

Job Duration: Full Time

Job Location: Burlington, MA

Key Responsibilities:

Introduce customers and prospects to the use of Veracode services acting as Subject Matter Expert on Veracode solutions purchased.

Interact with a variety of customer personnel, including software developers up to security executives.

Primary tasks will include coaching/training developers and security teams on how to address/fix security issues detected within their product's code by purchased CA Veracode solutions.

Share application security best practices with client developers and provide training when requested. Demystifying security vocabulary for client developers/teams where needed.

Review and render dispositions on Client's Security Mitigation Proposals. Make recommendations as to whether their proposals will conform and address relevant security issues or propose further changes needed in their plans. Work with the Veracode product strategy team to file and track customer enhancement requests.

Participate in sales meetings as needed. 

Required Experience:

  • BS/BA in Computer Science, Engineering or related field, or equivalent experience.
  • 3-5 years of recent software development experience.
  • Understanding of Application-level security and secure coding practices.
  • Proficiency in Java and C# programming languages is ideal. Strong competency in one and exposure to the other will be considered along with any additional exp. using C, C++, COBOL, PHP, JavaScript, Golang, Perl or Ruby.
  • Hands-on experience with common IDE's: Eclipse and/or Visual Studio.
  • Client requirement gathering, prioritization and scoping experience.
  • Strong technical writing skills.
  • Strong oral communication skills and good presentation/teaching skills. Resource must be a strong Collaborator.

Desired Experience:

  • Familiarity with as many of the following standards as possible: CVSS, CWE, OWASP, WASC and SANS-25
  • Experience with source code analysis and interactive application security testing products.
  • Understanding of common risk mitigation practices and technologies such as firewalls, ACLs and multi-factor access controls.
  • IntelliJ, Visual Studio, Bugzilla or Jira, Hudson, Jenkins, TFS or Cruise Control
  • Archer, SAML/SSO, VMware Databases, Command Shell scripting