Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
We are looking for an exceptional developer, with experience or interest in building and deploying security tools, to join the Sigma team. The job involves developing the Sigma tool by supporting various languages on it and writing models and checkers that push the envelope of static analysis. In particular, the job will include enhancing the analysis product for scalable and performant deployment. In this role, the developer will develop, test, and evaluate models and checkers using the Rust programming language according to our internal format.
Key Responsibilities:
As part of the team, you will be involved in one or more of the following activities:
- Design and develop models and checkers for various languages.
- Improve existing and develop new code analysis techniques and algorithms.
- Create test cases for validating different execution scenarios.
- Perform evaluations of check results using Jenkins automation.
- Contribute to the collection of benchmarks used for check evaluation.
Key Qualifications:
- Bachelor's or master’s in computer engineering or related fields
- 5+ years of experience in static analysis and related technologies
- Experience with data structures and algorithmic design and analysis with development on Linux/Unix or Windows
- Demonstrated history of good analytical, debugging, and problem-solving skills, and programming experience in Rust and/or C++
- Interest or experience in analysing programming languages, building compilers, parsers, or other language analysers, dataflow and program analysis.
- Interest or experience with web application or mobile security, familiarity with OWASP Top 10 lists.
Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.
What We Do
Organizations worldwide use Black Duck Software’s industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, London, Frankfurt, Hong Kong, Tokyo, Vancouver, Seoul & Beijing.
Why Work With Us
We pride ourselves on cultivating an environment of collaboration, creativity, and fun! We know where you work can influence how you work, which is why our collaborative office space focuses on community and continuous learning. Our work-hard, play-hard attitude even got us named a Top Place to Work in Massachusetts by The Boston Globe!