Application Security Consultant
Dell Secureworks is a global leader in providing intelligence-driven information security solutions. We play an important role, as no organization in the world is immune from cyber attacks and the nature of the attack is changing every day.Requirements
• 4+ years experience in administering software-centric security controls in an organization
• Advanced spoken /written English communications skills
• Excellent working knowledge of software security industry standards and development
lifecycle methods – SEI/CMU, SAFECODE, MITRE - Common Weakness Enumeration –
Vulnerability Trends, ISO/IEC 27034, CERT - Secure Coding Standards, OWASP Secure
• Software development and quality assurance testing experience
• IT Systems: SharePoint Administration; MS SQL & IIS Administration, and MySQL
• High proficiency with MS Office productivity applications and Visio
• Experience with: Veracode, Coverity, HP Fortify, Checkmarx, AppScan, WebInspect Analysis solution
• HP Quality Center, Jira, Team Foundation Services software development lifecycle tools
• Application lifecycle management capabilities
• Threat Modeling tools (e.g. Microsoft SDL, STRIDE, PASTA, etc)
• Provide prescriptive guidance and/or root cause analysis of code-level security vulnerabilities in software, to include 3rd-party components.
• Help guide security quality and risk remediation priorities for code-level software reviews.
• Maintain and help implement source code analysis workflow automation improvements
• Help inspect security vulnerabilities associated with open-source and 3rd-party functional libraries
• Assist with security review or creation of written technical guidance that prioritize and remediate software security defects.
• Create, update and maintain appropriate documentation including on-boarding processes and procedures, operational issue tracking and resolution reporting, ticket management and validation analysis checklists
• Work closely with your team members, development project managers, developers, and development operations, during software design through releases to insure a solid set of security requirements and analysis best practices.
• Partner with technology leads and IT Risk leaders to work through product and/or application security issues, resolution and approved remediation plans.
• Contribute to operational process improvements, aid adoption of secure development practices and capabilities designed to enable high quality software.
• Monitor, research, and resolve issue tickets in the product and application security support queue.
• Build and share knowledge in emerging software analysis technologies in the industry and it relates to the broader program focus.