Who we are
To address the scale needed by the rapid pace of software growth, companies need security tools that are automated and don’t require lengthy manual analysis to sift out false positives. Our focus at ForAllSecure is to build the next-generation of security products that change how companies develop, test and deploy software.
Our tool Mayhem, a fully autonomous cybersecurity system, was built utilizing over 12 years of research at Carnegie Mellon University and developed by a team of some of the best white-hat hackers in the world. In 2016, DARPA hosted the Cyber Grand Challenge, the world’s first all-machine hacking tournament, in which Mayhem competed and took first place against industry and best challengers from academia. Since then, we have been bringing this product to market. The Mayhem solution makes software validation testing radically simpler with a powerful combination of intelligent fuzzing, symbolic execution, and checking of static security indicators.
To date, Mayhem has found vulnerabilities in multiple open source projects, components in production aircraft, and critical flaws in embedded devices. This is only the beginning, as we plan to have Mayhem bring automation, usability and scalability to testing of all of the world’s commercial and government software projects.
What you'll do
As a Solutions Architect for our Federal customers, you will be working with the same technology that won the DARPA Cyber Grand Challenge. The technology uses fuzzing, symbolic execution, and static analysis to help check software. You will be helping Federal customers analyze, automatically find and understand vulnerabilities to secure their code. Often our customers have never used an automated tool before to check for security vulnerabilities, and your work will help them systematize their cyber security efforts for their platforms.
Specifically, you will:
- Plan architecture design, deployment and configuration roll-out of our product offerings for our customers
- Plan adoption phases and milestones, including post-implementation healthcheck sessions
- Help configure, integrate, analyze and maintain Mayhem in the customer environments
- Help install, configure and manage an end-to-end CI/CD pipeline for customers
- Debug/triage production issues
- Deliver training sessions and knowledge transfer sessions
Software Development and/or Fuzzing Experience:
- Required hands-on knowledge of professional reverse engineering and program analysis tools
- Required hands-on vulnerability research on binaries or source code
- Hands-on experience with implementing solutions in C, C++, Java, Python
- Hands-on experience with reading and writing assembly in at least one common architecture (x86, ARM, etc)
- Understanding of low-level operating system concepts (memory management, process lifecycle, I/O systems, etc.)
- Understanding of modern exploitation techniques and mitigations/counter-measures
- Familiarity with architecting and implementing cloud and hybrid solutions with AWS, Azure, Heroku or other cloud platforms, including mobile platforms
- Experience in designing and developing APIs and RESTFul services
- Familiarity with web security best practices and standards
- Experience with DevOps processes e.g. continuous integration, etc.
Education and Working Experience:
- Bachelor’s or Master’s Degree in Software Engineering, Computer Science or another engineering discipline is required.
- 5+ years working as a Software Engineer, Software Architect or a Consultant
- Previous Professional Services experience is a plus
- Government or military service is a plus
Consulting and Leadership Experience:
- Experience in serving as a coach, mentor, subject matter expert, and escalation point for customers, internal teams and colleagues
- Self-motivation and an ability to execute independently
- Multitasking and time management skills
- Strong verbal and written communication skills
- Ability to work in a remote setting with remote co-workers
- Up to 30% travel may be required
Security Clearance: TS/SCI eligible. Active clearance required
ForAllSecure is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. We commit to living by our core values of hunger, respect, accountability and growth mindset. All employment decisions are based on business needs, job requirements and individual qualifications, without regard to veteran status, service-member status, race, color, religion, sex, sexual orientation, gender identity, age, pregnancy (including childbirth, lactation and related medical conditions), national origin or ancestry, citizenship status, physical or mental disability, genetic information (including testing and characteristics), or any other status protected by the federal, state, or local laws. ForAllSecure's commitment to equal opportunity employment applies to all persons involved in our operations and we prohibit unlawful discrimination by any employee.
This policy applies to all terms and conditions of employment, including recruiting, hiring, promotion, termination, leaves of absence, compensation and training.
E-Verify Employer (Applicants in the USA)
ForAllSecure participates in E-Verify. For more information on E-Verify please click the links below: