Senior Application Security Consultant- Remote (Anywhere in the U.S.)

Job Description

• GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. • GuidePoint Security offers an inclusive set of Application Security services, including Application Security Assessments for various application types (web, mobile, IoT, thick client), Threat Modeling, Source Code Reviews, Application Architecture Reviews, Application Security Program Management, Secure Development Training, and Secure SDLC Implementation. • The Senior Application Security Consultant joins GuidePoint’s elite team of Application Security experts to deliver the aforementioned services, which involves performing assessments, communicating with clients, delivering comprehensive reports, and providing remediation guidance. You will spend your time focusing on challenging projects and solving complex problems. Our clients will rely on your experience, adaptability, and creativity to identify application security issues that others often miss. • GuidePoint Security’s Application Security team's offerings consistently evolve with the security industry and risks that modern environments face.

Qualifications

• Experience with testing tools such as Burp Suite, Postman, Netsparker, sqlmap, DirBuster, OpenSSL, etc. • Experience reviewing source code written in JavaScript, Python, Java, C++, PHP, or C# • In-depth knowledge of testing methodologies and when to creatively deviate from structured processes • Deep understanding of a broad range of Application Security issues as well as their mitigation strategies • Understanding of reverse engineering concepts, as well as tools involved such as debuggers, disassemblers, and operating system monitoring utilities • Internal operational DevSecOps experience is preferred. • Strong communication skills that include the ability to clearly articulate thoughts and distill complex problems into digestible pieces of information during live conversations, formal deliverables, white papers, and case studies • InfoSec community involvement, such as conference speaking, blog/whitepaper authoring, and podcast speaking/producing experience, is strongly preferred. • Standard industry certifications are preferred. • Bachelor’s degree in a relevant discipline or equivalent experience • Minimum of 4 years of experience in Application Security or related roles • Minimum of 2 years of experience in a consulting services role or related internal information security positions • Travel up to 20%

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions) • 100% employer-paid medical premiums (employee only $0 deductible and HSA plans) along with 75% employer-paid family contributions • 100% employer-paid dental premiums (employee only) along with 75% employer-paid family contributions • 12 corporate holidays and a Flexible Time Off (FTO) program • Healthy mobile phone and home internet allowance • Eligibility for retirement plan after 2 months at open enrollment • Pet Benefit Option