Code Review Security Consultant Job
Date: May 3, 2013
Location: Reston, VA, US
Description:About the Role and Responsibilities
About the Role:
Candidate will work with Foundstone’s Software & Application Security Services (SASS) Team. This full-time position is a great opportunity for someone with strong software code review skills. This is a highly technical hands-on role that will utilize your software development and secure code review skills.
Foundstone's capability in source code security assessments extends from our Software and Application Security Service (SASS) consultants, who have performed source code audits on numerous client applications, as well as their own software. Our SASS consultants worked as development practitioners on commercial enterprise software systems and understand the software development process, as well as why and how security bugs are introduced. Our experience combined with advanced automated tools using contextual analysis; enable us to look at a greater amount of code faster and more accurately.
Required Experience/ Skills & Education:
· Conduct secure software code reviews
· Ability to identify detrimental software security problems
· Assess the code for semantic and language security bugs
· Expertise in any of the languages C, C++, C#, VB.NET, Java, CFML, Perl, Classic ASP, and PHP.
· Work within development frameworks, such as J2EE and the .NET framework
· Perform Static analysis using both commercial, open source, and Foundstone’s own internally developed code scanners.
· Development on Win32 and UNIX platforms.
· Write formal secure code review reports for each application, using Foundstone’s standard reporting format.
· Participate in conference calls with clients to perform initial data gathering and a follow-up advisory based on the type of the request.
· Identify and recommend improvements in Foundstone’s methodology and internal processes.
· Contribute to marketing materials (presentations, whitepapers, tools, etc.)
The candidate is required to be passionate about Software and Application Security and have hands-on experience. The ideal candidate would have at least 1-2 years’ experience in Software Code Reviews or a Master’s degree in Information Security.
Any of the following skills are a plus –
· Threat Modeling Experience
· Mobile Apps Code Review (iOS, Android) Experience
Location : The majority of work will be done either from our corporate offices located in New York City (NY), Reston (VA), Santa Clara (CA), Mission Viejo (CA), Plano (TX) OR from specific client offices OR remotely from home depending upon the location of the candidate. Some of the work might involve out of area travel.
Job: Professional Services
Primary Location: NA-USA-VA-Reston
Position Number: 880811
Nearest Major Market: Washington DC
Job Segment: Consulting, Consultant, Security, Corporate Security, Developer, Contract, Technology