Already filled

Stella Contracting, Inc

Product Security Consultant

Job summary

Austin

Work model

Fully remote
Only US
1 month ago
Job description

About the Role

We are seeking a highly skilled Product Security Consultant to assess, design, and enhance the security posture of our products and applications. The ideal candidate will work closely with engineering, product, and DevOps teams to integrate security best practices throughout the product lifecycle. This role requires deep expertise in application security, risk management, and secure development practices within a remote environment.

Key Responsibilities

  • Conduct security assessments, code reviews, and vulnerability testing for applications and products
  • Identify security risks and recommend remediation strategies
  • Integrate security practices into the software development lifecycle (SDLC)
  • Perform threat modeling and risk analysis for new and existing products
  • Collaborate with development and product teams to implement secure coding practices
  • Review system architecture to ensure compliance with security standards
  • Support penetration testing efforts and coordinate with third-party security vendors
  • Develop and enforce security policies, standards, and guidelines
  • Provide security training and awareness to engineering teams
  • Stay current with emerging threats, vulnerabilities, and industry best practices

Required Qualifications

  • Must be currently residing in the United States
  • Valid U.S. work authorization (citizen, permanent resident, or authorized work permit holder)
  • Proven experience in product security, application security, or cybersecurity consulting
  • Strong understanding of secure software development practices and OWASP Top 10
  • Experience with security testing tools (SAST, DAST, SCA)
  • Knowledge of cloud security (AWS, Azure, or Google Cloud)
  • Experience with threat modeling and risk assessment methodologies
  • Familiarity with DevSecOps practices and CI/CD security integration
  • Strong analytical and problem-solving skills
  • Excellent communication and stakeholder engagement abilities

Preferred Qualifications

  • Relevant certifications (e.g., CISSP, CEH, OSCP, CSSLP)
  • Experience with penetration testing and ethical hacking
  • Knowledge of compliance frameworks (SOC 2, ISO 27001, NIST)
  • Familiarity with container and Kubernetes security
  • Experience working in Agile or DevOps environments

Work Environment

  • Fully remote role with flexible scheduling options
  • Must be available to work within U.S. business hours
  • Occasional security incident response or urgent assessments may be required

Compensation & Benefits

  • Opportunity for long-term engagement or full-time conversion (if applicable)
  • Professional development and certification support