This position will be fully remote and can be hired anywhere in the continental U.S.
Who we are looking for:
Our consultants are skilled technical and consultative resources expected to be strong in both technical and soft skills. A consultant must be a proven self-starter with the ability to problem-solve, communicate, participate in diverse project teams from a technical perspective, and interface effectively with customers, vendor partners, and colleagues.
The Principal Consultant Application Security consultant has strong experience with secure application development and application security assessments. The ideal candidate will understand a wide range of technologies, programming languages and application frameworks to identify risks and vulnerabilities in client applications and supporting environments.
This role will focus on providing security services related to systems that leverage artificial intelligence and machine learning (AI/ML) technologies. Candidates must have a strong aptitude for learning and communicating perspectives on cybersecurity and AI/ML.
How You Will Make an Impact
Research new and emerging threats to continually evolve Optiv’s security expertise around AI/ML attacks
Advise clients on leading practices for developing secure AI/ML systems, spanning the entire development lifecycle
Author regular status updates and final deliverables during client engagements
Perform AI/ML application security vulnerability assessments, penetration tests, threat modeling, and advanced advisory activities through client services engagements
Provide tactical and strategic guidance and detailed remediation advice help clients achieve stronger security postures
Build and maintain professional relationships with client stakeholders and provide them with information about application security and secure development lifecycle topics
Track and monitor current and trending practices for engineering and deploying AI/ML applications and solutions
Contribute to the development of AI/ML services and capabilities across the team
Mentor and train team members in offensive techniques and approaches to help scale Optiv's AI/ML services capabilities
Leverage and extend existing tools to help evolve Optiv’s AI/ML testing methodologies and processes
Assist with evaluating AI/ML security market solutions for comparative efficacy and suitability to client needs
Obtain and evolve personal technical expertise, certifications, and industry credentials through formal and informal training and other learning initiatives
Contribute content to the Optiv blog and present on security topics via webinars, security conferences, and other events
Review the work provided by other team members to confirm their deliverables are of the highest quality
Identify and recommend improvements in Optiv’s methodologies and internal processes and provide input and support for updating consulting tools, techniques, and knowledgebase
Establish and maintain productive relationships with the wider delivery team, practice management, and client management team
What we're looking for
Previous job experience in an information security consulting services or enterprise security team role
Practical experience (5+ years) in application security that included manual security testing of web, mobile, and API applications
Deep understanding of software security architecture and design
Ability to travel 20% of the time to client sites
Ability to work with diverse and dynamic teams
Ability to think critically and solve complex problems with creativity
Excellent verbal and written communication skills
Bachelor’s or master’s degree in computer science, software engineering, data science, or cybersecurity
Hold one or more security certifications: CISSP, CSSLP, OSCP, OSWE, OSCE, GPEN, GWAPT, GMLE
AI/ML Qualifications:
One or more years of experience with AI security testing, AI red teaming, or AI/ML security research
Experience leveraging specialized tools to test AI/ML systems
Working knowledge of adversarial machine learning, offensive security techniques, and countermeasures for AI/ML
Familiarity with OWASP Top 10 lists for LLMs and Machine Learning and/or MITRA ATLAS
Ability to explain the various machine learning paradigms and the relevant attack classes for each
Experience training or educating technical and non-technical audiences about AI/ML security
Knowledge of generative AI attacks and defenses
Preferred Qualifications:
Knowledge of legal and regulatory landscape around trustworthy AI
Ability to leverage development tools such as Jupyter, Pytorch, TensorFlow, and Scikit-learn, and programming languages such as Go and Python
Experience defining best practices for development of secure AI systems
Participated in DEFCON AI Village or AI/ML competitions and Capture the Flag events
#LI-NA1
What you can expect from Optiv
EEO Statement
Optiv is an equal opportunity employer (EEO). All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.
Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.