Senior C++/Rust Software Engineer

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

Description

The Static Analysis team is looking for an exceptional developer, with experience or interest in building and deploying security tools, to join the Static Analysis team at Black Duck. The job involves evolving our state of the art analysis infrastructure and generally pushing the envelope of static analysis. In particular, you will be enhancing the product engine by broadening its of coverage and deepening its analysis to identify even more vulnerabilities. Additionally, you will ensure the product operates in a scalable and performant manner within a cloud-based environment. The perfect candidate will have a strong passion for improving software security and quality, a background in static analysis or compilers, and enthusiasm about programming languages.

Responsibilities

• Design and develop code analysis software for large scale cloud deployments
• Make improvements to general analysis infrastructure
• Improve existing and develop new code analysis algorithms and techniques
• Research security defects, create analysis rules (in Rust) for detecting these defects, test and evaluate the results

Key Qualifications

• Experience in C/C++ or Rust development (2+ years)
• BS, MS, or PhD in Computer Science or equivalent
• Experience with development on UNIX 

Preferred Experience

• Interest or experience in analyzing programming languages, building compilers, parsers, or other language analyzers.
• Interest or experience in dataflow and program analysis.
• Experience with algorithmic design and analysis.
• Experience with one or more of Java, C#, JavaScript, Go, PHP, Python, Kotlin, Scala, Groovy.
• Interest or experience with web application or mobile security, familiarity with OWASP Top 10 lists.

Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.