Secure Code Auditor-C/C++ and Vunerability background is a must

Responsibilities

• Code Review & Analysis: Conduct detailed reviews of C/C++ codebases to identify potential security vulnerabilities, including buffer overflows, memory leaks, race conditions, and other weaknesses.
• Secure Development Practices: Collaborate with development teams to implement secure coding practices and provide recommendations for mitigating identified risks.
• Vulnerability Assessment: Use static and dynamic analysis tools to uncover security flaws and verify the effectiveness of implemented fixes.
• Documentation & Reporting: Prepare comprehensive audit reports detailing identified vulnerabilities, their potential impact, and recommended remediation steps.
• Compliance Verification: Ensure code adheres to applicable standards (e.g., OWASP, MISRA, CERT C/C++ guidelines).
• Education & Training: Provide training and guidance to development teams on secure coding techniques and practices.
• Collaboration: Work closely with developers, QA, and security teams to establish a secure development lifecycle and address security concerns proactively.

Technical Expertise:

• Proficiency in C and C++ programming languages, including advanced concepts such as memory management and multithreading.
• Deep understanding of common security vulnerabilities and exploitation techniques in C/C++ applications.
• Familiarity with modern software development tools and environments (e.g., GCC, Clang).

Tools & Techniques:

• Experience with code analysis tools such as Coverity, KlocWork, CodeChecker or Fortify.
• Knowledge of debugging and diagnostic tools (e.g., GDB, Valgrind).
• Hands-on experience with fuzzing, penetration testing, and other vulnerability discovery methodologies.

Soft Skills:

• Excellent analytical and problem-solving skills.
• Strong communication skills to convey complex technical findings to diverse stakeholders.
• Ability to work independently and as part of a team.

Preferred Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
• 3+ years of experience in the field of C/C++ development.
• Certifications such as Certified Secure Software Lifecycle Professional (CSSLP) or Offensive Security Certified Professional (OSCP).
• Familiarity with Agile or DevSecOps workflows.
• Knowledge of other languages (e.g., Python, Shell) for scripting and automation.