Home Company Security Assessment Training News & Events SC Labs Contact
Learn about our security assessment services
Learn about our
industry-leading application security training
Access our articles and white papers on application security topics

Senior Application Security Consultant

The Opportunity

We are looking for the brightest and most enthusiastic senior web application security consultants who have a proven track record of constantly exceeding expectations and technical expertise in application security / secure coding. Candidates should have extensive experience with detailed web application penetration testing, and source code review. Threat modeling experience is considered a major asset.

The Role

As a senior consultant, you will be expected to take a leadership position within the company and help guide our growth. You will leader projects in application security penetration testing, source code reviews, and threat modeling. You will also contribute to talks, articles, and whitepapers on leading topics of application security.

About Us

Security Compass is an industry-leading information security firm that provides professional services and training to security-conscious companies. We bring extensive, internationally recognized, cross-industry experience to every client engagement. To our clients, we're not simply an information security company - we are trusted partners in the development of secure software.

The development culture at Security Compass is an agile, iterative, feedback-driven environment.
The culture of Security Compass is derived from one founding principle: to provide our clients with best-in-industry expertise and customer service.

Every member of our team is passionate about their work. We believe that engaged and motivated consultants lead to consistent customer satisfaction - and that consistent customer satisfaction leads to engaged and motivated consultants. We also understand that we have a responsibility to improve the state of software security, so we contribute regularly with initiatives such as the open-source Exploit-Me series of security testing tools and labs.securitycompass.com
We're a stable bootstrapped startup.

Programming Skills & Experience

Required

  • Minimum of 4 year undergraduate, university degree
  • 5+ years experience in application security
  • Extensive web application penetration testing, and source code review experience
  • Understanding of J2EE or .Net security practices
    • Strong preference for .Net experience
  • Understanding of how to integrate security into the Software Development Life Cycle
  • Ability to analyze root causes and deliver strategic recommendations during client reviews
  • CISSP, CEH, GIAC certifications an asset; other certifications valued as well

Non-technical

  • Extensive, proven leadership experience
  • Extensive consulting experience
  • Outstanding problem solving ability
  • Creative thinking ability
  • Extensive report writing and presentation delivery experience
  • Excellent oral and written communication skills
  • Attention to detail and professionalism
  • Passion for customer service
  • Ability to teach classes and present at conferences on information security
  • Willingness to learn and able to take constructive criticism
  • Enthusiastic, optimistic attitude
  • Desire to keep up-to-date skill set

Nice to Have

  • Software development experience, including OOA&D (i.e. design patterns, can understand UML, etc.)
  • Experience in writing books, articles, or papers whitepapers on technical subjects
  • Sales/business development experience

The contact info

careers@securitycompass.com