Security Consultant

  • Job Reference: 473135461-2
  • Date Posted: 14 January 2022
  • Recruiter: TalentBurst, Inc.
  • Location: Dulles, Virginia
  • Salary: On Application
  • Sector: Education/Training
  • Job Type: Permanent

Job Description

Job id-
Title-Software Security Consultant(W-2)
Location-Dulles,VA 20166
Duration-12 Months contract+
W-2-Acceptable only

If you are inquisitive, have an urge to know how things work, how to break and fix things and have a passion for building software in the right way, with security built in, we'd love to hear from you.

Activities Include
Secure Software Design and Architecture (incl. Threat Modelling, Architecture Risk Analysis)
Full-breadth DevSecOps Consulting Services (People, Process, Technology)
Web, Mobile & Embedded Penetration Testing
Secure cloud architecture and review
Source Code Analysis
Network Security Analysis
Application Reverse Engineering
Database Security Analysis

Qualifications and Experience
Technical Skills
Software security weaknesses, vulnerability and secure code review
Secure SDLCs and DevSecOps
Software attack and exploitation techniques
Cloud security in AWS, Azure or GCP
Familiarity with at least one Cloud vendor and related security services (Azure, GPC, AWS)
Familiarity with Docker, Kubernetes, Git, Jenkins, GitLab, Artifactory, HashiCorp Vault a plus
At least one software programming language and framework
Concepts of defensive programming, OWASP Top-10, and SANS Top 25 vulnerabilities
Risk scoring standards such as NIST 800-30 r1, CVSS v3

Experience
2+ years with one or more of C/C++, , Java, Java EE, multiple RDBMS & operating systems.
Conducting secure code reviews, design reviews, and threat modelling
Conducting reverse engineering
Performing application penetration testing
Multiple OS such as Linux, Mac OSX, iOS, Android, or Windows, their nuances, strengths and weaknesses
Desirable: Experience working with other languages (e.g. JavaScript, Python, Ruby, PHP, Perl, COBOL, SQL, or Assembly)

Consulting Skills
Ability to interface with clients utilising consulting and negotiating skills
Ability to undertake and complete tasks independently, meet schedules & delivery timelines, and to move swiftly from concepts and theory to action
Ability to prioritise and switch gears in a time-sensitive managed services environment
Ability to identify risks and take due course of action to either address or escalate risks to appropriate stakeholders
Proven experience of producing high quality, actionable, client-orientated reports

Team-oriented Skills
Ability to work with multiple project teams; give and take directions and ensure that tasks are executed consistently

Project Management
People: You can work in a team or alone and ensure tasks are executed consistently
Projects: You can demonstrate the ability to plan, execute and closeout projects
Projects: Tracking the progress of your own projects while keeping resource management informed

Communication
Written communication skills for use in preparing formal documentation, Statements of Work, proposals, white papers, and case studies
Verbal skills that include the ability to clearly articulate thoughts and to deliver presentations and training to people with different levels of experience and knowledge

Demeanour
You are enthusiastic, highly motivated and committed to your work. You do this because you love it.
Constantly inquisitive, have an urge to know how things work, how to break and fix things and have a passion for building software in the right way, with security built in
Flexibility and willingness to travel

Education and Certifications
Bachelor's Degree or Master's Degree in Computer Science/Engineering or equivalent experience
Desirable - Master's Degree in cybersecurity related field
Desirable - Industry certifications including, but not limited to, OSCP, CHECK Team Leader, CREST certified