Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
Role Overview
As part of our engineering team, you will work on code analysis technologies and contribute to building high-quality static analysis solutions. This role offers the opportunity to work across multiple programming languages, improve existing analyses, and help define benchmarks and validation processes.
Primary Responsibilities
Design and develop static code analysis for C, C++, and Java.
Enhance existing analysis checkers and implement new ones to improve coverage and accuracy.
Develop comprehensive test cases to validate multiple execution scenarios.
Perform automated evaluation of analysis results using Jenkins and other CI tools.
Contribute to building and maintaining benchmark suites used for checker evaluation and comparison.
Qualifications and Experience
Bachelor's or Master's degree in Computer Engineering, Computer Science, or a related field.
Hands-on experience with static analysis, compilers, or related technologies.
Strong object-oriented programming skills with C/C++ (6 years) on Linux/Unix platforms.
Preferred Qualifications
Familiarity with compliance and secure coding standards such as MISRA and CERT.
Interest or experience in one or more of the following areas:
Programming language analysis, compiler construction, parsers, or language analyzers
Dataflow analysis and program analysis techniques
Web or mobile application security, including familiarity with the OWASP Top 10
Proven analytical, debugging, and problem-solving skills.
Ability to work effectively both independently and in cross-functional teams.
Strong written and verbal communication skills for technical discussions, collaboration, and product presentations.
Black Duck is an equal opportunity employer. We consider all applicants for employment without regard to race, color, national origin, religion, sex, gender identity or expression, age, disability, sexual orientation, veteran or military service status, or any other characteristic protected by applicable law. Black Duck complies with all applicable laws prohibiting employment discrimination in every jurisdiction where it operates and provides reasonable accommodations to individuals with disabilities in accordance with applicable law.
Required Experience:
IC
Build high-quality, secure software with application security testing tools and services from Black Duck. We are a Gartner Magic Quadrant Leader in AppSec.