Cigital, Inc., headquartered in Dulles, Virginia (just outside of Washington, D.C.), is the world’s largest consulting firm specializing in software security and is the global leader in helping organizations design, build, and maintain secure software. Our unique expertise, product technologies, and training services are a culmination of over twenty years of research and thousands of successful software security consulting engagements at leading public and private organizations throughout the world.
We provide a comprehensive range of software security services including consulting, both instructor-led and eLearning training, mobile application security, and cloud services aimed at addressing the potential security risks associated with third-party or outsourced software. Whether it’s a simple penetration test or deploying an end-to-end software security program, our expert consultants have both the depth of knowledge and breadth of real-world experience to understand the risks and challenges our clients face each day.
Cigital was established in 1992 with funding and contracts from DARPA and NASA. The creation of Cigital Labs Research in the mid-1990s resulted in some of the most important advancements in software security, including the development of the first-ever commercial Static Analysis tool, ITS4. The technology in this product was eventually licensed to Kleiner Perkins and used as the basis for the creation of Fortify Software in 1999. Fortify went on to become the global leader in the Static Analysis tool marketplace and was sold to Hewlett Packard in 2010. Cigital Labs has been awarded 8 different patents in areas dealing with software security.
Job Description
A Cigital Senior Consultant applies our software security improvement methodologies through the execution and delivery of consulting projects, including timely provision of deliverables across milestones that assist customers in learning, understanding, and embedding security in the software development lifecycle. Senior Consultants typically have task execution responsibility within one or more projects at once, and develop specialization within one or more of Cigital's security practices (such as penetration testing or code review). The Senior Consultant continuously learns and expands his/her technical competence. This role will work on site with customers to deliver projects and manage relationships. Our consultants make themselves and their team indispensable advisors to our customers, and they build the relationships that help create and identify follow-on assignments.
The ideal candidate will possess expertise in several of the following areas:
Code Review
Software/Application Penetration Testing
Architecture Security Analysis and Threat Modeling
Secure Software Design, Architecture, and Engineering
Software/Application Reverse Engineering
Red Team Analysis (including network, wireless, physical, and social engineering techniques)
Database Security
Qualifications
Technical skills
Experience with software development/engineering using common software languages and frameworks (e.g. C/C++, ASP.NET, Java, J2EE, multiple RDBMS, Objective-C, JavaScript, Python, Ruby, Struts, Spring, PHP, Perl, SQL, or Assembly)
Experience performing application penetration testing with focus on web, mobile, and thick client targets
Experience conducting secure code review
Experience with reverse engineering/disassembly
Experience with multiple OS such as Linux, Mac OSX, iOS, Blackberry, Android, and/or Windows
Familiarity with software attack, exploitation, and remediation techniques
Familiarity with common software security architecture and engineering patterns
Consulting skills
Excellent relationship/account management skills to drive deep and productive relationships across multiple initiatives and through customer organizational change over many years.
Ability to engage proactively with customers in person and electronically, utilizing strong interpersonal skills to quickly understand customer objectives and translate them into well-defined projects.
Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action.
Leadership skills
Ability to lead multiple project teams; give directions and ensure that tasks are executed consistently
Work constructively with our local Houston, regional Southwest, and company-wide teams to grow our talent and develop new tools and techniques to enhance our business.
Project Management skills
Ability to quickly understand customer objectives and translate them into well-defined projects/Statements of Work
Ability to persistently oversee project execution and drive to established business and technical objectives
Demonstrated ability to plan, execute and complete multi-person consulting projects on time and on-budget.
Communication
Excellent written communication skills, including customer communications (email), formal deliverables/reports, Statements of Work, proposals, white papers, and case studies.
Excellent verbal communication skills that include the ability to clearly and simply articulate complex technical concepts, strong persuasiveness and negotiation skills, and excellent group presentation skills for audiences of varying sizes and roles (from executive management to technical).
General
Enthusiasm and passion for software security that is visible to customers and co-workers every day.
Entrepreneurial drive and desire to help grow Cigital’s business and thought leadership.
Willingness to travel 20-50%.
Additional Information
Education and Certifications:
Top graduate in Computer Science, Engineering, Math or related field
Compensation & Work Location:
Cigital is based in Dulles, Virginia, with offices in Amsterdam, Atlanta, Bloomington, Boston, Chicago, Dallas, London, New York, San Diego, Santa Clara, and Seattle, and works with clients worldwide. We offer a competitive salary, equity compensation, and benefits.