Principal Application Security Consultant

Secure Code Warrior
Full-time
Remote
United States
Secure Code Warrior’s mission is to establish new standards for coding that transform the ways software is created. We do this by providing the world’s leading agile learning platform that delivers the most effective secure coding solution for developers to learn, apply, and retain software security principles. More than 600 enterprises trust Secure Code Warrior to implement agile learning security programs, build safer software, and create a culture of developer-driven security. We are a venture-backed company with offices in Australia, the United States, Belgium, Iceland, and the United Kingdom.

What are the essential duties of this role?

    • Framework & Strategy Advisory for Secure Coding Programs: Guide clients in developing scalable frameworks and strategic plans that they can use to build their own secure coding initiatives.
    • AppSec Maturity & Vulnerability Assessment: Conduct high-level AppSec assessments, providing recommendations around developer training curriculum and policies.
    • Stakeholder Alignment & Trusted Advisory: Act as a trusted advisor to AppSec and other client stakeholders, supporting them in aligning with executives and securing buy-in for their secure coding program goals.
    • Executive Metrics Advisory: Help executives define meaningful program metrics and equip their teams with frameworks to measure and communicate the ROI of their secure coding programs.
    • Collaboration with Internal Teams: Partner with Senior Consultants and Cyber Awareness Experts to provide clients with well-rounded strategic and technical guidance.
    • Continuous Learning & Industry Knowledge Development: Stay informed on AppSec trends, adapting recommendations to reflect the latest industry insights and client feedback.

What you will bring:

    • A minimum of 10+ years' experience as a consultant/practitioner in the AppSec or cyber space with medium to large enterprises.
    • Extensive experience rolling out AppSec or DevSecOps tools and processes such as SAST, SCA, threat modelling, developer training, etc.
    • Direct experience managing or overseeing rollout of developer training.
    • Strong analytical and problem-solving skills, including an ability to think ‘on their feet’ when faced with challenging questions in the sales environment.
    • Strong client-facing skills, e.g. meeting & presenting to clients (ideally with experience dealing with similar types/levels of contact).
    • Effective and clear communication - written, verbal and in presenting to a variety of audiences.