Application Security Testing-Staff Consultant

UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.

By creating continuously optimized identification, detection, and resilience from today's dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.

Our Dedicated Defense model is curated for our customers looking to implement and / or optimize their SIEM and SOC tool stack. This opportunity is aligned within UltraViolet Cyber to perform a key SIEM migration for our customers. The Senior Security SIEM Engineer will be getting to lead a Fortune 250 company through a transformative security and technology project, leading a global team developing methodology for SIEM migration best practices, and have the opportunity to learn cutting edge technology.

Roles Include :

We're looking for a for a full-time Security Staff Consultant to parachute in wherever software insecurity invades and to stomp out bugs and flaws wherever they hide. Does this sound like a good role for you

In this role, you will join in the execution and delivery of planned project deliverables and milestones that assist clients in learning, understanding, and applying our secure software development methodologies.

You will typically have task responsibility within one project and develop the capability to perform tasks within one or more of our security practices & continuously learn and expand your technical expertise.

Some work is from the office, but you will often go on site to help customers exterminate the bugs and untangle the flaws that make their systems insecure.

Our consultants make themselves and their team indispensable advisors to our customers : they build the relationships that help create and identify follow-on assignments.

Responsibilities include but not limited to the following :

Secure code Analysis and Review

Software / Application Penetration Testing

Network Penetration Testing

Architecture Security Analysis and Threat Modeling

Secure Software Design,Architecture, and Engineering

Software / Application Reverse Engineering

Red Team Analysis (including network, wireless, physical, and social engineering techniques)

Database Security Analysis

Cloud Pen testing ( WS , Azure etc)

Technical Skills

Experience with web application penetration testing

Familiarity with software security weakness and vulnerabilities

Experience in performing source code review

Experience in network penetration testing

Working understanding of one scripting language

Experience in reverse engineering is a plus

Familiarity with at least one software programming language and framework is a plus

Consulting Skills

Ability to interface with clients, utilizing consulting and negotiating skills

Ability to undertake and complete tasks autonomously

Meet schedules and delivery timelines, and to move swiftly from concepts and theory to action

Enthusiasm and commitment

Professional interpersonal skills and an entrepreneurial drive

Written communication skills for use in preparing formal documentation.

Verbal skills that include the ability to clearly articulate thoughts and to deliver presentations.

Willingness to travel 20-50%

Key Qualification

Bachelor's Degree in Computer Science, Engineering or equivalent. Master's Degree preferred

Any relevant certifications such as CISSP , CRTP, CRTO, OSCP, PNPT, CEH, OSWE, CREST, GIAC etc. is a plus

Preferred Experience

1 to 10 yrs. of work experience in relevant role

Skills Required

Scripting Language, Reverse Engineering, Web Application Penetration Testing, Network Penetration Testing, Source Code Review