This position will be fully remote and can be hired anywhere in the continental U.S.
Optiv's Application Security and Threat Management group is a multi-disciplined consulting team with focus areas on network penetration, malware analysis, vulnerability research, hardware testing, operating system, mobile device, and application testing. The Application Security group focuses on mobile and web application testing, and generally anything in Java, .Net, PHPor Web/Mobile frameworks.
The majority of work is remote (some travel required) and can be hired anywhere in the continental U.S.
How you'll make an impact
Perform detailed analysis of a client’s entire SDLC through a security lens. This is accomplished by evaluating the client’s existing policies, procedures, practices, and standards and conducting in-depth client interviews.
Presentation of the detailed assessment of SDLC analysis to client’s and guide them on where and how to improve their current SDLC so the software they create is developed more secure by default. You will be working with various levels within an organization from developers to the C-suite.
Being a trusted advisor to the client as it relates to application security.
Becoming a mentor to others on the team within the Secure SDLC Practice.
What we're looking for
We don't expect people to be experts in every area, but you will have to demonstrate expertise in a few so that we can fit you with the appropriate projects.
Demonstrate competency in application security governance including strategy, metrics, policy, compliance, and security education
Demonstrate competency in secure application design including threat assessment, security requirements, and secure architecture
Demonstrate competency in secure software development including DevSecOps, the build & deployment process, and defect management
Demonstrate competency in application security testing, architectural analysis, and the CICD pipeline
Demonstrate competency in secure application operations including incident management, environment hardening, and secure operations
Practical experience in development, architecture, and application security
5+ years prior software development experience is required
3+ years prior consulting experience is required
Understanding of software security architecture and design
Experience building Secure SDLC programs is a plus
Ability to assist in the strategic direction of the practice
Ability to travel up to 40% of the time to client sites
Ability to work with diverse and dynamic teams
BA/BS degree preferred in computer science, engineering, math, statistics, or information systems
Prefer one or more of the following certifications: CISSP, CEH, OSCP, OSCE, GPEN, CPT, CSSLP
Things we like to see
CVE's, links to your con presentation (or your con), tools, research papers, generally anything that can demonstrate you know your stuff when it comes to web and mobile applications.
#LI-SM1
What you can expect from Optiv
- A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
- Work/life balance
- Professional training resources
- Creative problem-solving and the ability to tackle unique, complex projects
- Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
- The ability and technology necessary to productively work remotely/from home (where applicable)
EEO Statement
Optiv is an equal opportunity employer (EEO). All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.
Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.
