Senior Application Security Consultant

Veracode is seeking a motivated and energetic individual who is interested in working customer security professionals and software developers to improve application security in a measurable way. The Application Security Consultant will focus on training developers and security teams on application security best practices by providing code-level remediation advice on potential application vulnerabilities that were identified by the Veracode service. As a Veracode Security Consultant, you will:

 Explain weaknesses and vulnerabilities found in our customers’ code and provide coaching on how to fix them

 Get exposure to a range of programming languages, frameworks, architectures

 Act as part of a close-knit global team, learning from and teaching your peers

Be a subject matter expert in application security and provide consultative services to Veracode customers introduce customers and prospects to the use of the Veracode service interact with a variety of customer personnel, ranging from software developers to security executives.

 Have excellent technical skills and communication skills.

 Help users and various stake-holders within the customer organization interpret results from the Veracode service, and tailor the presentation to the appropriate audience.

 Guide Developers through using Veracode Services where required

 Participate in the sales efforts as needed when technical capabilities of the service are presented.

 Become an active participant and trusted advisor throughout the customer SDLC.

 Work with the Veracode product strategy team to file and track customer enhancement requests.

 Train and mentor new employees.

This position requires a motivated individual that strives to find solutions that align with client needs while providing a repeatable solution(s) that can be reused across multiple programs. It will require constant and effective communication with internal/external cross-functional teams; This individual will have the opportunity and freedom to cultivate new and innovative solutions which will benefit our entire client base.

Skills and experience required:

Candidate will operate as member of application security consulting team delivering tactical mentorship and strategic consulting in terms of general application security awareness, secure development best-practices, and effective utilization of Veracode services. Ability to effectively communicate application security concepts to developers unskilled in these is essential, as is the ability to also function as a trusted advisor to security stakeholders within client organizations. Additional opportunities of the role include threat analysis and modelling, evaluation of effectiveness of compensating controls within and beyond application implementation logic, creation of client security program recommendations.

The role requires:

Written and conversational fluency in Spanish, including domain specific terminology for IT/Application Security/Programming

Willingness and eagerness to learn new programming languages on the job

2+ years of recent software development experience-- either professionally or as an Open Source contributor, or an avid hobbyist.

Understanding of Application-level security and secure coding practices.

Proficiency in one of more of the following programming languages; C, Javascript, C++, C#, Java, or PHP Hands-on experience with one or more of the following: Visual Studio or Eclipse, Team City, Jira, Hudson, Jenkins, or Cruise Control. Archer, SAML/SSO, VMware Databases, Command Shell scripting.

Excellent “Client-side” manner

Client requirement gathering, prioritization and scoping experience.

Strong technical writing skills.

Strong oral communication skills in English and good presentation/teaching skills.

Excellent problem-solving and organizational skills.

Ability to apply these skills cooperatively in a collaborative team environment.

Additional Skills and Experiences: Familiarity with CVSS, CWE, OWASP, WASC and SANS-25.Experience with source code analysis and interactive application security testing products, Penetration Testing. Understanding of common risk mitigation practices and technologies such as firewalls, ACLs and multi-factor access controls,; SaaS, Professional Services

Training/Mentoring experience also desired.

  The Veracode Way:

We Have a Passion and Commitment for Security

We consider security in everything we do. We act to preserve the trust our customers place in us.

We Help Our Customers Change the World

We deliver peace of mind to our customers so they can focus on the pursuit of their missions.

We Have Big Goals and Expect Big Outcomes

We are results driven. We take risks, compete boldly, and deliver valuable outcomes to our customers.

We Are Committed to Making Progress Together

We collaborate with each other, our user communities, our industry and together lead the world forward.

We Value Each Other

We value diversity. We have empathy for each other and assume positive intent.

We Are Proud to be Veracode

We have fun together. We honor who we are and work hard to achieve our potential.

More About Working at Veracode:

Veracode, is a leader in helping organizations secure the software that powers their world. Veracode’s SaaS platform and integrated solutions help security teams and software developers find and fix security-related defects at all points in the software development lifecycle, before they can be exploited by hackers. Our complete set of offerings help customers reduce the risk of data breaches, increase the speed of secure software delivery, meet compliance requirements, and cost effectively secure their software assets- whether that’s software they make, buy or sell.

Veracode serves more than 1,400 customers across a wide range of industries, including nearly one-third of the Fortune 100, three of the top four U.S. commercial banks and more than 20 of Forbes’ 100 Most Valuable Brands. Learn more at www.veracode.com, on the Veracode blog, on Twitter and in the Veracode Community.

At Veracode you’ll have the opportunity to eliminate barriers for our customers and earn a competitive compensation and total rewards package – all while pushing the boundaries of what’s possible by collaborating with a diverse team of global innovators. In short, Veracode’s fun, diverse, and fast-paced culture has put us on the map as one of the best employers in Information Technology.

We offer competitive salary, company-sponsored premium Medical/Prescription & Dental Plans, company-paid Holidays, Vacation, Anniversary Service and Sick Days, 401(k) Plan, Education/Training Reimbursement, Charitable Gift Program, Adoption Assistance Program.

We are equal opportunity employers. As such, it is our corporate policy to fill positions with qualified candidates regardless of the candidate’s race, color, sex, age, religion, ancestry, national origin, citizenship status, marital status, sexual orientation, gender identity, genetic information, disability, pregnancy, military status, veteran status or any other protected group status.

Privacy: https://www.veracode.com/legal-privacy