Sr. Product Security Consultant

Senior Product Security Consultant

Remote – United States

Role Summary

We are seeking a Senior Product Security Consultant to join our Product Security Services team and deliver outcome-driven end-to-end consulting engagements focused on securing embedded and connected devices.

This is a high-priority senior individual contributor role ideal for someone who has both deep product security experience and a strong consulting presence. You'll be responsible for owning the full lifecycle of service engagements — including scoping proposal development execution delivery and post-engagement support.

You’ll work directly with engineering and security leaders across industries offering practical actionable guidance around secure product development testing risk reduction and compliance. While not a leadership role in title this position requires the presence and expertise to advise CSOs and senior stakeholders acting as the face of product security delivery for our clients.

If you're a product security expert with a consultative mindset who thrives in fast-paced environments knows how to command a room and enjoys delivering real results this could be a strong fit.

Responsibilities

• Own and lead product security consulting engagements end-to-end — including client scoping proposal writing delivery and outcomes.

• Deliver product security services such as security control validation policy implementation secure development lifecycle integration penetration testing advisory and risk assessments .

• Translate security findings into business-aligned actionable recommendations for both technical and executive audiences.

• Serve as a trusted advisor to clients — including CSOs compliance leaders and engineering teams — helping them mature their product security posture.

• Consult on global regulatory mandates relevant to connected systems (e.g. FDA 524B CRA Department of Commerce Connected Vehicle Rule NIST EO 14028) translating those into practical implementation plans.

• Guide clients on security integration into DevOps pipelines including tooling strategy and SBOM/vulnerability workflows.

• Drive urgency and accountability across all engagements — from early discovery through program handoff and beyond.

• Take ownership of program management and delivery outcomes — maintaining high standards for communication execution and customer satisfaction.

What We’re Looking For

• 8–10+ years of hands-on experience in product security and/or product security consulting — including embedded systems connected device platforms or firmware security.

• Demonstrated experience delivering product security services as a consultant or internal lead — not just advising but doing.

• Background in startups or fast paced consulting environments with high accountability and direct client engagement.

• Proven ability to scope lead and execute consulting projects independently.

• Strong understanding of product security controls penetration testing secure product design and related regulatory frameworks.

• Experience operating as a solo consultant or lead contributor capable of managing multiple high-urgency priorities.

• Ability to credibly advise senior stakeholders and CSOs — grounded in knowledge presence and delivery over polish.

• Strong program management discipline — with a focus on execution timelines and business impact.

It’s a Plus If You Also Have

• Experience in industries such as Automotive Industrial Control Systems or Consumer Electronics .

• Familiarity with regulatory standards like FDA Premarket Guidance Cyber Resilience Act US Department of Commerce Connected Vehicle Rule NIST 800-53/82 or ISO 26262/62443 .

• Hands-on experience with SBOMs vulnerability management and secure SDLC practices .

• Experience engaging directly with regulators key customers or partners around security posture and compliance.

• Familiarity with commercial or open-source tools for binary/static analysis SCA or CI/CD security automation .