[Remote] Senior Application Security Consultant, Strategic Services- Remote (Anywhere in the U.S.)
Note: The job is a remote job and is open to candidates in USA. GuidePoint Security is a rapidly growing cybersecurity firm that provides trusted expertise, solutions, and services to help organizations minimize risk. As a Senior Application Security Consultant within Strategic Services, you will deliver application security services, engage with clients, and contribute to the evolution of service offerings in response to emerging threats.
Responsibilities
- Delivering Application Security services, including Application Threat Modeling, Application Architecture Reviews, and AppSec/DevSecOps Program Assessments
- Author comprehensive assessment deliverables tailored to both technical and managerial audiences detailing technical execution, deficiencies, business impact, and remediation strategies
- Understanding of application security landscape, tools, methodologies, and frameworks such as OWASP SAMM, OWASP DSOMM, NIST SSDF, SLSA, NIST AI RMF, and MITRE ATLAS
- Deep understanding of application security issues, mitigation strategies, and common security controls
- Ability to analyze and understand complex application architectures
- Experience working directly within development teams and integrating security into the SDLC
- Assist with Practice development, improving offerings, and mentoring team members
- Contribute to marketing initiatives via research, speaking, writing, and tool development
- Foster client relationships through support, information, and guidance while managing concurrent client engagements
- Demonstrates a startup mentality with a highly driven, high-performance approach to work
Skills
- Willingness to travel up to 10%
- Delivering Application Security services, including Application Threat Modeling, Application Architecture Reviews, and AppSec/DevSecOps Program Assessments
- Author comprehensive assessment deliverables tailored to both technical and managerial audiences detailing technical execution, deficiencies, business impact, and remediation strategies
- Understanding of application security landscape, tools, methodologies, and frameworks such as OWASP SAMM, OWASP DSOMM, NIST SSDF, SLSA, NIST AI RMF, and MITRE ATLAS
- Deep understanding of application security issues, mitigation strategies, and common security controls
- Ability to analyze and understand complex application architectures
- Experience working directly within development teams and integrating security into the SDLC
- Assist with Practice development, improving offerings, and mentoring team members
- Contribute to marketing initiatives via research, speaking, writing, and tool development
- Foster client relationships through support, information, and guidance while managing concurrent client engagements
- Demonstrates a startup mentality with a highly driven, high-performance approach to work
- Comprehensive hands-on experience using generative AI in automated workflows
- Direct hands-on experience in application security service offerings, including application threat modeling, architecture reviews, and AppSec/DevSecOps program assessments
- Experience with application security controls, architectures, requirements, and industry standards
- Development and/or application architecture design background with understanding of secure implementation practices for cryptography, input validation techniques to prevent injection attacks, and exception management
- Operational DevSecOps experience
- Development experience in JavaScript, shell, Python, Java, C++, PHP, or C#, with ability to translate security requirements into technical implementations
- Excellent writing, communication, and time management skills
- Minimum of 6 years of experience in Application Security and/or Software Development, with at least 3 years in Application Security
- Minimum of 2 years of experience in consulting services or internal security roles requiring effective communication with both technical teams and executive leadership
- Bachelor's degree in a relevant discipline or equivalent experience
Benefits
- Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
- Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
- Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option
Company Overview