Cigital: Building secure futures for companies and individuals
Since our founding in 1992, Cigital has been the leader in the software security space, making some of the most important advancements in the field. Our team is composed of the brightest individuals out there. So far they have published over 20 books and written more than 300 peer-reviewed articles, and they speak at 40+ events per year and produce monthly podcasts.
We cultivate an atmosphere where our employees learn new skills and grow their careers. When you join Cigital, you become a part of a talented, creative and energetic team, dedicated to providing high quality software security solutions to clients worldwide. Cigital is a growing global company with offices in or near Washington DC, Atlanta, Boston, Bloomington, Chicago, Dallas, New York, San Diego, Santa Clara, Seattle, London, and Amsterdam.
We look for innovators, programmers, and pioneers who can solve challenging problems, love what they do and want a career, not just a job. If this sounds like you, you should join us.
This video from our recent company-wide meeting gives you an idea of who we are and what it’s like to work here.
Cigital is where work, intelligence, innovation, and community come together. With inspiring co-workers, advancement opportunities, and a lively environment, it’s no surprise the most brilliant minds in software security are joining us.
In addition to offering competitive salaries, bonus programs and growth opportunities, Cigital provides many valuable benefits, programs and tools to help employees and their families thrive at home as well as at work. Some of our many employee benefits include flexible work schedules, gym membership assistance, tuition reimbursement, life insurance, casual dress policy, and stock options. Additional benefits vary; for more information, visit the benefits overview section of our website.
You’ve invested in your education; now it’s time to translate what you’ve learned in the classroom into practical, real-world experience. Cigital offers internship opportunities for undergraduates and graduates who are technically savvy and want to learn more about software security. Most internships are offered full-time during the summer months; however, we do provide opportunities year-round. Following a successful internship, many qualified interns receive a job offer.
Here are a few internship FAQs.
Which majors does Cigital usually look for in internship applications?
- Computer Science
- Software Engineering
- Information Technology
What skills do applicants need?
Prospective interns should be able to think critically and creatively, and work independently and cooperatively. Other qualities we look for include a desire for lifelong learning, high ethical standards and excellent communication skills. Experience with the technologies and activities named below is beneficial but not required.
- Software Quality Assurance
- Source Code Analysis
- Software Security Fundamentals
Where are internships located?
- Dulles (outside of Washington DC)
- New York
During the last 20 years Cigital evolved into the world’s premier software security consulting and products firm through the consistent development of tools and resources for security practitioners. Here’s a glimpse at a few of the awesome things our employees have done.
2013 – Book: Hacking Exposed Mobile Security Secrets & Solutions
2008 – Book: Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast
2008 – Book: Software Security Engineering: A Guide for Project Managers
2007 – Patent 7,302,707: Systems and methods for detecting software buffer security vulnerabilities
2007 – Patent 7,284,274: System and method for identifying and eliminating vulnerabilities in computer software applications
2007 – Patent 7,181,768: Computer intrusion detection system and method based on application monitoring
2006 – Patent 7,085,928: System and method for defending against malicious software
2006 – Patent 7,072,876: System and method for mining execution traces with finite automata
2006 – Awarded patent 7,024,592: Method for reducing catastrophic failures in continuously operating software systems
2006 – Book: Software Security: Building Security In
2005 – Patent 6,862,696: System and method for software certification
2004 – Book: Exploiting Software: How to Break Code
2002 – Book: 802.11 Security
2001 – We release ITS4, the first commercial code scanning tool in the world, into the market.
1999 – Book: Securing Java: Getting Down to Business with Mobile Code
1999 – We learned how to cheat online poker, exposing flaws in the shuffle algorithm.
1996 – Book: Java Security
1995 – Book: Software Assessment: Reliability, Safety, Testability
Meet some of our people
To give you a taste of what it's like to work here, we've asked a few of our colleagues to describe life at Cigital.
Managing Principal and Director of Vulnerability Assessments, Consulting
Nabil has been into breaking computers since he was 6 years old. He fondly remembers his family’s first computer, and how he destroyed it in less than 48 hours all because he was determined to see how it worked. It was more than a year before Nabil was allowed near a computer or a screwdriver!
After those destructive early years, Nabil turned his focus from breaking to fixing. Since joining Cigital more than 6 years ago, Nabil has maintained an incredible passion for the company and his work. He sums up his experience here as exciting because “every day is a new challenge, and the work is always different and interesting. Getting to work with technology and help clients build and grow software security initiatives are something unique that I wouldn't get to do anywhere else.”
Software Security Initiative Director
“Eeeks!” isn’t a sound of surprise to Caroline Wong: it’s her alma mater! A proud graduate of UC Berkeley, Electrical Engineering and Computer Science and former employee of eBay, Zynga, and Symantec, Caroline has a passion for technology and software security.
When asked why she loves her job and software security, Caroline said, “I love knowing on any given day, I could be meeting with a client from anywhere in the world who wants to learn and do more about software security. There is a lot of diversity in our client base, and I enjoy being able to experience meeting people with different backgrounds, cultures, and approaches to their work.”
As a consultant, frequent conference speaker, author, and founding member of the Cloud Security Alliance Metrics Working Group, Caroline is always doing what she loves.
Jona grew up in Nairobi, Kenya, and earned an MS in Computer Science with a focus in Secure Software Systems and Information Security from James Madison University in Virginia.
Software security is something Jona is passionate about. “I use software every single day and knowing the amount of ‘power’ the software has, I need to know that my data/information is secure. We place so much trust in the applications and, in turn, the developers; one would hope they take security to heart and build it in. Instead of just sitting back and hoping they are doing this, I am working for an organization that is actively helping the cause.”
As a Security Consultant, Jona and his team conduct security design reviews of applications and evaluate any infrastructure changes that may impact the security posture of the organization.
When asked about his team and other Cigitalites, Jona describes them as “extremely approachable, eager and willing to share their knowledge. In fact, I couldn’t ask for a greater group of coworkers!”
I have been working at Cigital
Recommends. Positive Outlook.
Cigital employs an unbiased merit-based system for advancement and rewards. The company places a premium on balancing the needs of the individuals with the needs of the company. They go out of their way to ensure that every member of the company understands how they can help impact the success of the company and how they can personally benefit from the impact they make.
You definitely have to be a self-starter and self-motivated to get ahead. A lot of travel is expected of most of the staff.
Advice to Management
Keep up the good work. As we grow keep the talent level high and the standards of our work even higher.
Getting an Interview
- No Offer, Neutral Experience, Difficult Interview
I applied through an employee referral. The process took 4 weeks – interviewed at Cigital.
The process was pretty simple and didn't take too long to get started. The first bit was really just HR asking a few questions ("How did you hear about Cigital?" "Why us?") and then they asked a few technical questions, which were very easy. Second bit was the written part which consisted of 4 languages and a written bit. Pretty straightforward if you know what you are looking for. If not, this part could prove difficult. The third bit really got to me though. I had a technical phone interview with a woman in Seattle, Washington. While phone interviews suck in general, this one only made me hate them more. In my defense, the phone interviewer was very hard to understand. She had a thick accent and she would constantly try to put me on speaker phone so that she could write down my answers. It was tough hearing what she was asking and what she needed to know from me. It also seemed like she had no idea who I was in general. She kept on asking me if I was doing the stuff I was interviewing for in some Master's program at a university when I am not in school anymore? One question I gave a completely wrong answer to because I thought she asked another question. She came back with something completely different from what I thought she asked and it made me feel a bit dumb but she wasn't exactly clear. Also, when I didn't get an answer right, I guess, she would produce a heavy sigh into the phone like I was wasting her time, so that didn't make me feel very good as well. That all being said, I didn't do really well on my phone interview. I guess I didn't give the interviewer the best of answers and I knew I didn't do so well. I was nervous and it didn't help that I could barely understand the person on the phone but hey, that's what happened. I can only take it as practice at this point. I am sure they would be a great company to work for though as most of the people I spoke to really enjoyed working there.
- Explain to me what an SQL injection is and what it would look like? How would you implement it?
Cigital is one of the world’s largest application security firms. We go beyond traditional testing services to help organizations find, fix and prevent vulnerabilities in the applications that power their business. Our holistic approach to application security offers a balance of managed services, professional services and products tailored to fit your specific needs. We don't stop when the test is over. Our experts also provide remediation guidance, program design services, and training that empower you to build and maintain secure applications. Our proactive methods ...