I have been working at Aspect Security full-time (More than 3 years)
Great people and work environment
There are really no major cons. It's a small company. If you prefer larger organizations then this is not the place for you.
I applied through a recruiter. The process took a week. I interviewed at Aspect Security (Baltimore, MD) in September 2015.
Interview consisted of recruiter asking from a pool of questions:
What are the difference between fuzzing and sniffing?
What 1 does not fit? Coldfusion, java, asp, html
What 1 does not fit? AES256, Blow Fish, SHA1
Describe Cross Site Scripting
What are some common mitigations for SQL Injection?
Describe the common use of an application proxy for penetration testing.
Explain the differences between a GET and POST request
Do you have any experience with Dynamic and Static Code Analysis? Which tools have you used?
Any advantages of using JSON instead of XML?
Afterwards I was informed that the next step would be to talk with one of their Senior AppSec Engineers and after that step would do a practical part of the interview.
Negotiation phase turned me off. I was told I would come onto the team as a junior. This was fine based on my experience. I was told I would be trained by a Senior Application Security Engineer for 1-3 months. What turned me off was that I would have to move all the way to the East Coast. My current salary is decent and the incentive offered here was $500 on top of what I currently make.
Happy New Year!! We hope everyone had a safe and wonderful holiday season!
How do YOU define your company culture? ......