Senior Security Consultant - DevSecOps

Synopsys Inc
Herndon, VA
Jan 22, 2022
Jan 24, 2022
IT, Security Engineer
Full Time
We're looking for ethical hackers. Our Senior Security Consultants lead security engagements with a small team to analyze target systems, penetrate defenses, and exploit vulnerabilities. They think creatively about complex problems and communicate solutions to our clients in an easy to understand and meaningful way.Synopsys thrives on learning. Our consultants are exposed to a wide variety of technologies, attack techniques, and security countermeasures. They are assigned an industry-leading expert as a mentor, learn from their peers in a knowledge-rich environment, and share their own expertise with junior members of the team. We're looking for people who want to accelerate their careers and make a strong impact on our team and our clients.We are seeking a Senior Security Consultant- DevSecOps to join our team.ActivitiesYou're not expected to have all these skills on day 1, but here are some of the things you might get to work on while you're here:Providing guidance to clients on proper DevSecOps methodology, people, process, infrastructure, and governanceHelping organizations tackle modern security challenges as they shift security to the left in DevOpsImplementation of industry leading practices and capabilities around DevSecOps for clients.Qualifications and ExperienceMust have 3 years of work experience evaluating Secure SDLC and DevSecOps programs to determine how to embed security activities within, and working with clients to evolve their development programs to embed application security tooling and processes.Must have 3 years of experience working in Agile development, application security, or DevOps role.Experience with.NET, Java, multiple OS and RDBMSApplication security testing tools (SAST, DAST, IAST, OSA, or similar.)Integration of Security testing tools into CI/CD pipelinePost Covid Travel up to 40%Desirable:Experience in customer facing roleFamiliarity with software security weakness, vulnerability, and secure code review a plusFamiliarity with software attack and exploitation techniques a plusFamiliarity with at least one software programming language and framework a plusKnowledge of Cloud providers AWS, Azure and GCPContainers (Docker, Kubernetes, or similar)Infrastructure as code (Vagrant, Docker, Ansible, Chef, Terraform, or similar)Ability to interface with clients, utilizing consulting and negotiating skillsAbility to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to actionConsulting SkillsProficiency in organizing and prioritizing multiple tasks, completing them independently, and meeting delivery timelinesAbility to lead a team, give direction, and ensure tasks are executed consistentlyCommunicationWritten communication skills applicable to preparing formal documentation, white papers, and case studiesAbility to clearly articulate thoughts and present to both technical and non-technical audiencesEducation and CertificationsBachelor's Degree in Computer Science, Engineering or equivalent. Master's Degree preferredCompany DescriptionOur business is our experts. Our reputation as one of the leading software security consulting firms is the direct result of the expertise, diligence, and excellence of our consulting team. In fact, Synopsys Software Integrity Group was named a leader in 2020 in the Gartner Magic Quadrant for Application Security Testing in recognition of our vision and ability to execute. Our ideal applicants would be at home in a collaborative and vibrant culture. If you share our passion for innovation, we want to meet you.Inclusion and Diversity are important to us. Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, military veteran status, or disability.