We help organizations make smarter cybersecurity decisions that minimize risk.

Senior Application Security Consultant, Strategic Services

Security EngineerSecurity EngineerFull TimeRemoteTeam 201-500H1B SponsorCompany Site LinkedIn

Location

United States

Posted

127 days ago

Salary

Not specified

Bachelor Degree6 yrs expEnglishJavaJava ScriptPHPPythonSDLC

Job Description

• Deliver Application Security services, including Application Threat Modeling, Application Architecture Reviews, and AppSec/DevSecOps Program Assessments • Communicate with clients and deliver comprehensive reports • Provide remediation guidance and contribute to evolving service offerings in response to emerging threats and client needs

Job Requirements

Willingness to travel up to 10%
Delivering Application Security services, including Application Threat Modeling, Application Architecture Reviews, and AppSec/DevSecOps Program Assessments
Author comprehensive assessment deliverables tailored to both technical and managerial audiences detailing technical execution, deficiencies, business impact, and remediation strategies
Understanding of application security landscape, tools, methodologies, and frameworks such as OWASP SAMM, OWASP DSOMM, NIST SSDF, SLSA, NIST AI RMF, and MITRE ATLAS
Deep understanding of application security issues, mitigation strategies, and common security controls
Ability to analyze and understand complex application architectures
Experience working directly within development teams and integrating security into the SDLC
Assist with Practice development, improving offerings, and mentoring team members
Contribute to marketing initiatives via research, speaking, writing, and tool development
Foster client relationships through support, information, and guidance while managing concurrent client engagements
Demonstrates a startup mentality with a highly driven, high-performance approach to work
Comprehensive hands-on experience using generative AI in automated workflows
Direct hands-on experience in application security service offerings, including application threat modeling, architecture reviews, and AppSec/DevSecOps program assessments
Experience with application security controls, architectures, requirements, and industry standards
Development and/or application architecture design background with understanding of secure implementation practices for cryptography, input validation techniques to prevent injection attacks, and exception management
Operational DevSecOps experience
Development experience in JavaScript, shell, Python, Java, C++, PHP, or C#, with ability to translate security requirements into technical implementations
Excellent writing, communication, and time management skills
Minimum of 6 years of experience in Application Security and/or Software Development, with at least 3 years in Application Security
Minimum of 2 years of experience in consulting services or internal security roles requiring effective communication with both technical teams and executive leadership
Bachelor’s degree in a relevant discipline or equivalent experience

Benefits

Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans)
Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
12 corporate holidays and a Flexible Time Off (FTO) program
Healthy mobile phone and home internet allowance
Eligibility for retirement plan after 2 months at open enrollment
Pet Benefit Option