GuidePoint Security ยท 2 months ago
Senior Application Security Consultant, Strategic Services- Remote (Anywhere in the U.S.)
United States
Full-time
Remote
Senior Level
6+ years expGuidePoint Security provides trusted cybersecurity expertise and services to help organizations minimize risk. As a Senior Application Security Consultant within Strategic Services, you'll deliver various Application Security services and contribute to evolving service offerings in response to emerging threats and client needs.
Cyber SecurityInformation TechnologySecurity
Responsibilities
Delivering Application Security services, including Application Threat Modeling, Application Architecture Reviews, and AppSec/DevSecOps Program Assessments
Author comprehensive assessment deliverables tailored to both technical and managerial audiences detailing technical execution, deficiencies, business impact, and remediation strategies
Understanding of application security landscape, tools, methodologies, and frameworks such as OWASP SAMM, OWASP DSOMM, NIST SSDF, SLSA, NIST AI RMF, and MITRE ATLAS
Deep understanding of application security issues, mitigation strategies, and common security controls
Ability to analyze and understand complex application architectures
Experience working directly within development teams and integrating security into the SDLC
Assist with Practice development, improving offerings, and mentoring team members
Contribute to marketing initiatives via research, speaking, writing, and tool development
Foster client relationships through support, information, and guidance while managing concurrent client engagements
Demonstrates a startup mentality with a highly driven, high-performance approach to work
Qualification
Required
Willingness to travel up to 10%
Delivering Application Security services, including Application Threat Modeling, Application Architecture Reviews, and AppSec/DevSecOps Program Assessments
Author comprehensive assessment deliverables tailored to both technical and managerial audiences detailing technical execution, deficiencies, business impact, and remediation strategies
Understanding of application security landscape, tools, methodologies, and frameworks such as OWASP SAMM, OWASP DSOMM, NIST SSDF, SLSA, NIST AI RMF, and MITRE ATLAS
Deep understanding of application security issues, mitigation strategies, and common security controls
Ability to analyze and understand complex application architectures
Experience working directly within development teams and integrating security into the SDLC
Assist with Practice development, improving offerings, and mentoring team members
Contribute to marketing initiatives via research, speaking, writing, and tool development
Foster client relationships through support, information, and guidance while managing concurrent client engagements
Demonstrates a startup mentality with a highly driven, high-performance approach to work
Comprehensive hands-on experience using generative AI in automated workflows
Direct hands-on experience in application security service offerings, including application threat modeling, architecture reviews, and AppSec/DevSecOps program assessments
Experience with application security controls, architectures, requirements, and industry standards
Development and/or application architecture design background with understanding of secure implementation practices for cryptography, input validation techniques to prevent injection attacks, and exception management
Operational DevSecOps experience
Development experience in JavaScript, shell, Python, Java, C++, PHP, or C#, with ability to translate security requirements into technical implementations
Excellent writing, communication, and time management skills
Minimum of 6 years of experience in Application Security and/or Software Development, with at least 3 years in Application Security
Minimum of 2 years of experience in consulting services or internal security roles requiring effective communication with both technical teams and executive leadership
Bachelor's degree in a relevant discipline or equivalent experience
Benefits
Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
12 corporate holidays and a Flexible Time Off (FTO) program
Healthy mobile phone and home internet allowance
Eligibility for retirement plan after 2 months at open enrollment
Pet Benefit Option
Company
GuidePoint Security
GuidePoint Security provides customized, innovative & valuable Information Security solutions that enable commercial federal organizations.
1001-5000 employees
H1B Sponsorship
GuidePoint Security has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (11)
2024 (14)
2023 (2)
2022 (1)
Funding
Current Stage
Late StageTotal Funding
unknownKey Investors
Audax Private Equity
2023-10-10Private Equity
Leadership Team
Michael Volk
Chairman & CEO
J
Joe Leonard
CTO & VP Security Strategy
Recent News
Company data provided by crunchbase