The opportunity:

As a Solutions Architect for our Federal customers, you will be working with the same technology that won the DARPA Cyber Grand Challenge. The technology uses fuzzing, symbolic execution, and static analysis to help check software. You will be helping Federal customers analyze, automatically find and understand vulnerabilities to secure their code. Often our customers have never used an automated tool before to check for security vulnerabilities, and your work will help them systematize their cyber security efforts for their platforms.

 

What you will do:

  • Plan architecture design, deployment and configuration roll-out of our product offerings for our customers
  • Plan adoption phases and milestones, including post-implementation health check sessions
  • Help configure, integrate, analyze and maintain Mayhem in the customer environments
  • Help install, configure and manage an end-to-end CI/CD pipeline for customers
  • Debug/triage production issues
  • Deliver training sessions and knowledge transfer sessions

 

You are someone who:

  • Has software development and/or fuzzing experience.
  • Is experienced in implementing solutions in C, C++, Java, Python.
  • Can read and write assembly in at least one common architecture (x86, ARM, etc).
  • Understands low-level operating system concepts (memory management, process lifecycle, I/O systems, etc.).
  • Understands modern exploitation techniques and mitigations/counter-measures.
  • Is familiar with professional reverse engineering and program analysis tools.
  • Is familiar with architecting and implementing cloud and hybrid solutions with AWS, Azure, Heroku or other cloud platforms, including mobile platforms.
  • Has experience in designing and developing APIs and RESTFul services.
  • Is familiar with web security best practices and standards.
  • Has experience with DevOps processes e.g. continuous integration, etc.
  • Has a Bachelor’s or Master’s Degree in Software Engineering, Computer Science or other engineering discipline.
  • Brings 5+ years of working as a Software Engineer, Software Architect or a Consultant.
  • Has previous professional services experience is a plus.
  • Has government or military service is a plus.
  • Demonstrates consulting and leadership capabilities and has served as a coach, mentor, subject matter expert, and escalation point for customers, internal teams and colleagues.
  • Is self-motivated and an able to execute independently.
  • Can multitask and manage time effectively.
  • Demonstrates strong verbal and written communication skills.
  • Is able to work in a remote setting with remote co-workers.
  • Can travel up to 30% as this may be required.
  • Has security clearance: TS/SCI eligible. Active clearance required.

 

Who we are:

Our hunger for success drives our actions. We have respect for all, respect that people will have different opinions, and strive to mitigate unconscious bias. We commit to being responsible, transparent, and accountable in our actions to our customers and each other. We have a growth mindset, believe challenges can be opportunities, and ask what we can do 10% better each time.

We believe in a world where autonomous application security allows us to move faster and beat attackers. We do not believe the status quo is working, as companies are developing software much faster than they can manually secure it. Our focus at ForAllSecure is to change how companies develop, test, and deploy software by building the technology to make cybersecurity autonomous.

Our platform, Mayhem, automatically tests and finds new zero-day exploitable vulnerabilities before attackers. It was built utilizing over 12 years of research out of Carnegie Mellon and developed by a team of some of the best hackers in the world. In 2016, DARPA (Defense Advanced Research Project Agency) hosted the Cyber Grand Challenge, the world’s first all-machine hacking tournament, in which Mayhem competed and took first place against industry and academia’s best challengers. Since then, we have been bringing this product to market. The Mayhem solution makes software validation testing radically simpler. 

ForAllSecure’s customers include Roblox, Cloudflare, Motional, US CyberCommand, where applications range from securing online platforms used by millions to critical mission safety systems. Fortune 1000 companies in aerospace, automotive, and high-tech partner with ForAllSecure for scalable, advanced security testing that keeps pace with increasing development speeds and deployment frequencies. Mayhem has been exhibited at the US Smithsonian Museum and other awards include the 2021 SINET 16, 2021 Global Infosec Award, and the MIT Technology Review as one of the 50 Smartest Companies. We are backed by NEA and KDI, having just raised our Series B funding.

ForAllSecure is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: ForAllSecure is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at ForAllSecure are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. ForAllSecure will not tolerate discrimination or harassment based on any of these characteristics. ForAllSecure encourages applicants of all ages. ForAllSecure will provide reasonable accommodation to employees who have protected disabilities consistent with local law.

 

EEOC Statement

ForAllSecure is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. We commit to living by our core values of hunger, respect, accountability and growth mindset. All employment decisions are based on business needs, job requirements and individual qualifications, without regard to veteran status, service-member status, race, color, religion, sex, sexual orientation, gender identity, age, pregnancy (including childbirth, lactation and related medical conditions), national origin or ancestry, citizenship status, physical or mental disability, genetic information (including testing and characteristics), or any other status protected by the federal, state, or local laws. ForAllSecure's commitment to equal opportunity employment applies to all persons involved in our operations and we prohibit unlawful discrimination by any employee.

This policy applies to all terms and conditions of employment, including recruiting, hiring, promotion, termination, leaves of absence, compensation and training.

 

E-Verify Employer (Applicants in the USA)

ForAllSecure participates in E-Verify. For more information on E-Verify please click the links below:

Apply for this Job

* Required
  
(File types: pdf, doc, docx, txt, rtf)
  
(File types: pdf, doc, docx, txt, rtf)


Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in ForAllSecure’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.


Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

1Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.