Senior Product Security Consultant
Finite State
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteJob Level
Senior
About the role
- Own and lead product security consulting engagements end-to-end — including client scoping, proposal writing, delivery, and outcomes.
- Deliver product security services such as security control validation, policy implementation, secure development lifecycle integration, penetration testing advisory, and risk assessments.
- Translate security findings into business-aligned, actionable recommendations for both technical and executive audiences.
- Serve as a trusted advisor to clients — including CSOs, compliance leaders, and engineering teams — helping them mature their product security posture.
- Consult on global regulatory mandates relevant to connected systems (e.g., FDA 524B, CRA, Department of Commerce Connected Vehicle Rule, NIST, EO 14028), translating those into practical implementation plans.
- Guide clients on security integration into DevOps pipelines, including tooling strategy and SBOM/vulnerability workflows.
- Drive urgency and accountability across all engagements — from early discovery through program handoff and beyond.
- Take ownership of program management and delivery outcomes — maintaining high standards for communication, execution, and customer satisfaction.
Requirements
- 8–10+ years of hands-on experience in product security and/or product security consulting — including embedded systems, connected device platforms, or firmware security.
- Demonstrated experience delivering product security services as a consultant or internal lead — not just advising, but doing.
- Background in startups or fast paced consulting environments with high accountability and direct client engagement.
- Proven ability to scope, lead, and execute consulting projects independently.
- Strong understanding of product security controls, penetration testing, secure product design, and related regulatory frameworks.
- Experience operating as a solo consultant or lead contributor, capable of managing multiple high-urgency priorities.
- Ability to credibly advise senior stakeholders and CSOs — grounded in knowledge, presence, and delivery over polish.
- Strong program management discipline — with a focus on execution, timelines, and business impact.
Benefits
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Professional development opportunities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
product securitysecurity control validationpolicy implementationsecure development lifecyclepenetration testingrisk assessmentsDevOps integrationSBOMvulnerability workflowsprogram management
Soft skills
client engagementcommunicationexecutioncustomer satisfactionleadershipaccountabilityadvisory skillsproject managementurgencyindependence