Professional Services Consulting, Sr Consultant

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

At Black Duck, our Software Security and Quality business is all about building secure software—faster. That starts with our static analysis, software composition analysis, and dynamic analysis. So our customers can build security and quality into the DNA of their code at any stage of the software development lifecycle and across the supply chain. All while minimizing risks and maximizing speed of application development.

Professional Services Consulting, Senior Consultant

We’re looking for a for a full-time Security Senior Consultant to parachute in wherever software insecurity invades and to stomp out bugs and flaws wherever they hide.

Does this sound like a good role for you?

In this role, you need to go beyond traditional testing services to help our clients identify, remediate, and prevent vulnerabilities in the applications that power their business. You need to have a holistic approach to application security offers a balance of managed and professional services and products tailored to fit client’s specific needs. As a security professional you should have the ability to provide remediation guidance, program design services, and training that empower build and maintain secure applications.

Responsibilities include but not limited to the following:

• Ability to collaborate with project team members, take direction from the project lead and execute tasks consistently


• Can Conduct Source Code Analysis


• Can Conduct Software Penetration Testing


• Can Conduct Architecture Security Analysis


• Can Conduct Secure Software Design and Architecture analysis


• Conduct Database Security Analysis


• Knowledge on Network Security Analysis will be an added advantage


• Familiarity with at least Java or .Net (Should be able to read and understand enterprise code and write basic code)


• Experience with other languages (e.g. JavaScript, Python, Ruby, PHP, Perl, COBOL, SQL, or Assembly) (Desired)


• Familiarity with software security weakness, vulnerability and secure code review. Experience conducting secure code review is a plus


• Familiarity with security vulnerabilities and how those things appear in code


• Ability to look understand vulnerable code and security implications


• Basic knowledge of remediation of security issues


• Software architecture experience (web application, web services, API gateway, cloud native apps).


• Software development experience in Java / .NET / JavaScript / django / python.


• Software build process experience (e.g., Jenkins, TeamCity, Bamboo, TFS, maven, msbuild).


• Basic knowledge of Cloud computing in any of the Cloud platforms like AWS, Azure, GCP or Ali Cloud.


• Any professional certifications on these Cloud technologies or hands-on exposure of Cloud config reviews would be given preference.


• Prior exposure of Architecture review/Threat modeling of applications and relevant tools


• Hands-on exposure of Software Composition Analysis or familiarities with SCA tools like Blackduck.

Key Qualification

• Bachelor’s Degree in Computer Science, Engineering or equivalent. Master’s Degree preferred

Preferred Experience

• 2 to 5 yrs. of work experience in relevant role

Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.