Senior Application Security Consultant at GuidePoint Security

GuidePoint Security is a trusted provider of cybersecurity expertise, solutions, and services, dedicated to helping organizations make informed decisions and minimize risk. Through a holistic, three-tiered approach, GuidePoint empowers top organizations, including Fortune 500 companies and U.S. government agencies, to detect threats, optimize resources, and integrate effective solutions.

About the Role

As a Senior Consultant within our specialized Application Security (AppSec) team, you will be instrumental in advising, engineering, and providing fractional security support to development teams. You will engage with a diverse range of clients, helping them mature their AppSec programs or optimize existing structures. This role demands a blend of strategic vision—crafting roadmaps and aligning executives—and hands-on execution—working directly with client teams to implement solutions. You possess a deep understanding of what constitutes effective AppSec, the common challenges in building and scaling programs, and the practical strategies that drive engineering adoption.

What You'll Be Doing

• Lead AppSec program assessments to evaluate current states, identify gaps, and prioritize remediation based on risk, resources, and client readiness.
• Design pragmatic security workflows, processes, tooling integrations, and developer-friendly practices that engineering teams will readily adopt.
• Engage in hands-on implementation, including integrating SAST/SCA/DAST/API security tools, configuring CI/CD security gates, building threat models, and conducting architecture reviews.
• Navigate organizational complexities, addressing issues like tool sprawl, adoption challenges, competing priorities, technical debt, and cross-functional alignment.
• Deliver high-quality client deliverables, including clear assessments, actionable roadmaps, implementation guides, and executive communications.
• Act as a strategic advisor and hands-on partner, tailoring your approach to each client's unique culture, maturity, and objectives.

What We're Looking For

Required:

• Minimum of 5 years of experience in application security, with proven success in building, scaling, or leading an AppSec program.
• Proficiency in implementing, operationalizing, and troubleshooting a range of AppSec tools (SAST, DAST, SCA, API Security, secrets management).
• Comfort operating at both strategic (program design, roadmaps, risk prioritization) and tactical (hands-on implementation, tool configuration, code review) levels.
• Strong understanding of Secure Development Lifecycles (SDL) and experience triaging and remediating web application vulnerabilities.
• Exceptional written and verbal communication skills, capable of translating technical findings into business risk for executives and security requirements for developers.

Nice to Have:

• Prior consulting or client-facing experience, including engagement scoping, expectation management, and high-quality delivery.
• Operational DevSecOps experience.
• Relevant security certifications (e.g., CSSLP, OSCP, GWAPT).
• Experience with cloud-native security (AWS, Azure, GCP) and container/Kubernetes security.

Why GuidePoint?

GuidePoint Security is a dynamic, profitable, and privately held value-added reseller exclusively focused on Information Security. Since 2011, we have grown to over 1,200 employees, forged strategic partnerships with leading security vendors, and earned the trust of over 6,200 customers. Our success is driven by clearly defined core values that foster a collaborative and enjoyable workplace. You'll work alongside knowledgeable, skilled, and experienced colleagues who are eager to mentor and collaborate.

This is a remarkable opportunity to grow your career with one of the nation's fastest-growing companies.

Perks and Benefits

• Predominantly remote workforce (U.S. based; some travel may be required).
• Comprehensive Group Medical Insurance options with significant employer contributions.
• Group Dental Insurance with substantial employer contribution.
• 12 corporate holidays and a Flexible Time Off (FTO) program.
• Generous mobile phone and home internet allowance.
• Eligibility for retirement plan after 2 months at open enrollment.
• Pet Benefit Option.

Note: GuidePoint uses Greenhouse Software and Zoom Scheduler. Please check your SPAM folder for communications.