Principal Application Security Consultant

GuidePoint Security offers an inclusive set of Application Security services including Application Security Assessments for various application types (web mobile IoT thick client) Threat Modeling Source Code Reviews Application Architecture Reviews Application Security Program Management Secure Development Training and Secure SDLC Implementation.

The Principal Application Security Consultant joins GuidePoint’s elite team of Application Security experts to deliver the aforementioned services which involves performing assessments communicating with clients delivering comprehensive reports and providing remediation guidance. Along with providing pre-sales support to clients when needed and scoping out custom assessments. You will spend your time focusing on challenging projects and solving complex problems. Our clients will rely on your experience adaptability and creativity to identify application security issues that others often miss.

GuidePoint Security’s Application Security team's offerings consistently evolve with the security industry and risks that modern environments face.

Role Requirements

• Deliver Application Security services including but not limited to Application Security Assessments for various application types (web mobile IoT thick client) Threat Modeling Source Code Reviews Application Architecture Reviews Application Security Program Management Secure Development Training and Secure SDLC Implementation

• Provide pre-sales and scoping support to clients when needed for custom engagements

• Author comprehensive assessment deliverables that are proficiently tailored to both technical and managerial audiences and fully detail the technical execution core deficiencies business impact and realistic remediation strategies

• Identify qualify and conduct Application Security research projects

• Contribute to marketing initiatives via activities such as publishing research speaking at industry conferences authoring blog articles and whitepapers hosting webinars and developing security tools

• Utilize automation orchestration and scripting to reduce manual processes improving overall efficiency while also enabling new capabilities to meet the rapidly changing needs of our clients

• Assist with Practice development including improving existing offerings creating new offerings and mentoring team members

• Perpetually strengthen relevant skills knowledge and abilities to stay at the forefront of the information security industry.

• Foster client relationships by providing support information and guidance

• Maintain a strong desire to learn adapt and improve along with a rapidly-growing company

• Perform other duties as assigned

Education Credentials and Experience

• Experience with testing tools such as Burp Suite Postman Netsparker sqlmap DirBuster OpenSSL etc.

• Experience reviewing source code written in JavaScript Python Java C++ PHP or C#.

• In-depth knowledge of testing methodologies and when to creatively deviate from structured processes

• Deep understanding of a broad range of Application Security issues as well as their mitigation strategies

• Understanding of reverse engineering concepts as well as tools involved such as debuggers disassemblers and operating system monitoring utilities

• Internal operational DevSecOps experience is preferred.

• Strong communication skills that include the ability to clearly articulate thoughts and distill complex problems into digestible pieces of information during live conversations formal deliverables white papers and case studies

• InfoSec community involvement such as conference speaking blog/whitepaper authoring and podcast speaking/producing experience is strongly preferred.

• Standard industry certifications are preferred.

• Minimum of 4 years of experience in Application Security or related roles

• Minimum of 2 years of experience in a consulting services role or related internal information security positions

• Bachelor’s degree in a relevant discipline or equivalent experience

• Travel up to 20%