Application Security Consultant
Application Security Consultant
Looking for an innovative, high-growth company in one of the hottest segments of the security market? Look no further than Veracode!
Veracode is recognized as a premier provider of SaaS-based software security solutions, transforming the way companies secure applications in today’s software driven world. We provide our customers with a solid foundation on which to build security into their modern agile development processes. Learn more about us at www.veracode.com!
Candidate will operate as member of application security consulting team delivering tactical mentorship and strategic consulting in terms of general application security awareness, secure development best-practices, and effective utilization of Veracode services. Ability to effectively communicate application security concepts to developers unskilled in these is essential, as is the ability to also function as a trusted advisor to security stakeholders within client organizations. Additional opportunities of the role include threat analysis and modelling, evaluation of effectiveness of compensating controls within and beyond application implementation logic, creation of client security program recommendations. The role requires:
- 2+ years of recent software development experience-- either professionally or as an Open Source contributor, or an avid hobbyist.
- Written and conversational fluency in Spanish, including domain specific terminology for IT/Application Security/Programming
- Willingness and eagerness to learn new programming languages on the job
- Understanding of Application-level security and secure coding practices.
- Excellent “Client-side” manner
- Client requirement gathering, prioritization and scoping experience.
- Strong technical writing skills.
- Strong oral communication skills in English and good presentation/teaching skills.
- Excellent problem-solving and organizational skills.
- Ability to apply these skills cooperatively in a collaborative team environment.
- Additional Skills and Experiences: Familiarity with CVSS, CWE, OWASP, WASC and SANS-25.Experience with source code analysis and interactive application security testing products, Penetration Testing. Understanding of common risk mitigation practices and technologies such as firewalls, ACLs and multi-factor access controls,; SaaS, Professional Services
- Training/Mentoring experience also desired.
What we offer you
- Outstanding Medical, Dental, and Vision Coverage to meet all your healthcare needs.
- Wellness benefits to help you focus on what’s most important.
- “Take What You Need” time off policy.
- Extensive development and training offerings to help you grow your career at Veracode.
- Generous 401k match to help save for your future.
- Amazing community of professionals who take pride in what we do every day.
In accordance with U.S. pay transparency laws, Veracode provides compensation transparency for roles based in the United States. Click here to view our compensation ranges by grade. Please note, specific compensation may be influenced by various factors including candidates experience, education, and work location.
Job Grade: Career
Employment opportunities are available to all applicants without regard to race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Fraudulent Recruitment Alert - Be Aware and Stay Informed
At Veracode, we prioritize a secure recruitment process. Unfortunately, fake recruitment and job offer scams are on the rise. They aim to deceive candidates through emails and calls to obtain sensitive information.
Here’s our recruitment promise to you:
- Comprehensive Interview Process: We never extend job offers without a comprehensive interview process involving our recruitment team and hiring managers.
- Offer Communications: Our job offers are not sent solely through email, and we will never ask you to pay for your own hardware.
- Email Verification: Recruiting emails from Veracode will always originate from an “@veracode.com" email address.