
Senior Application Security Consultant, Strategic Services - Remote (U.S.) / 2 weeks ago
Senior Application Security Consultant, Strategic Services
GuidePoint Security provides trusted cybersecurity expertise, solutions, and services to help organizations make informed decisions and minimize risk. Through a holistic, three-tiered approach to evaluating security posture and ecosystems, GuidePoint empowers leading organizations, including Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources, and integrate best-fit solutions for risk mitigation.
Summary
GuidePoint Security offers a comprehensive suite of strategic Application Security services, such as Application Threat Modeling, Application Architecture Reviews, and AppSec/DevSecOps Program Assessments. As a Senior Application Security Consultant within Strategic Services, you will deliver these services to clients across diverse industries.
Join GuidePoint's elite team to conduct engagements, communicate with clients, deliver detailed reports, and provide remediation guidance. You will also contribute to the evolution of our service offerings in response to emerging threats and client needs.
We are ideally seeking candidates who have transitioned from software development into application security, bringing practical coding experience and a deep understanding of secure software development practices.
Role Requirements
- Willingness to travel up to 10%
- Deliver Application Security services, including Application Threat Modeling, Application Architecture Reviews, and AppSec/DevSecOps Program Assessments
- Author comprehensive assessment deliverables tailored to both technical and managerial audiences, detailing technical execution, deficiencies, business impact, and remediation strategies
- Understand the application security landscape, tools, methodologies, and frameworks such as OWASP SAMM, OWASP DSOMM, NIST SSDF, SLSA, NIST AI RMF, and MITRE ATLAS
- Possess a deep understanding of application security issues, mitigation strategies, and common security controls
- Ability to analyze and comprehend complex application architectures
- Experience working directly within development teams and integrating security into the SDLC
- Assist with Practice development, improving offerings, and mentoring team members
- Contribute to marketing initiatives through research, speaking, writing, and tool development
- Foster client relationships through support, information, and guidance while managing concurrent client engagements
- Demonstrate a startup mentality with a highly driven, high-performance approach to work
Education, Credentials, and Experience
- Comprehensive hands-on experience using generative AI in automated workflows
- Direct hands-on experience in application security service offerings, including application threat modeling, architecture reviews, and AppSec/DevSecOps program assessments
- Experience with application security controls, architectures, requirements, and industry standards
- Development and/or application architecture design background with an understanding of secure implementation practices for cryptography, input validation techniques to prevent injection attacks, and exception management
- Operational DevSecOps experience
- Development experience in JavaScript, shell, Python, Java, C++, PHP, or C#, with the ability to translate security requirements into technical implementations
- Excellent writing, communication, and time management skills
- Minimum of 6 years of experience in Application Security and/or Software Development, with at least 3 years in Application Security
- Minimum of 2 years of experience in consulting services or internal security roles requiring effective communication with both technical teams and executive leadership
- Bachelor's degree in a relevant discipline or equivalent experience
We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. Please check your SPAM folder to ensure you don't miss updates on your application, as emails may be blocked.
Why GuidePoint?
GuidePoint Security is a rapidly growing, profitable, privately held value-added reseller exclusively focused on Information Security. Since its inception in 2011, GuidePoint has grown to over 1000 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 4,200 customers.
Firmly defined core values drive all aspects of the business, contributing to the company's success and an enjoyable workplace atmosphere. At GuidePoint, colleagues are knowledgeable, skilled, and experienced, seeking to collaborate and provide mentorship and guidance opportunities.
This is a unique opportunity to grow your career with one of the fastest-growing companies in the nation.
Perks
- Primarily remote workforce (U.S. based only; some travel may be required for certain positions; on-site work may be required for Federal positions)
- Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of employee premiums and 70% for family plans) or High Deductible Health Plan with HSA (GuidePoint pays 100% of employee premiums and 75% for family plans, with an annual GPS contribution of $500 for employees or $1000 for families)
- Group Dental Insurance: GuidePoint pays 100% of employee premiums and 75% of family plans
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Retirement plan eligibility after 2 months at open enrollment
- Pet Benefit Option

