Job description
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. The Role We're a specialized AppSec team providing advisory, engineering, and fractional security support to development teams. We're looking for a senior consultant who knows what good looks like and has the expertise to help clients get there. You'll work across a diverse portfolio of client engagements, helping organizations mature their application security programs or optimize what they've already built. Some clients need strategic roadmaps and executive alignment, while others need someone to roll up their sleeves and build alongside their teams. Most need both. You've built an AppSec program before. You understand the gaps that inevitably appear, the organizational friction that slows progress, and the practical approaches that actually get engineering teams moving in the right direction. You can hold your own with a CISO discussing risk posture and business impact, then walk into a sprint planning meeting and earn immediate credibility with developers. What You'll Be Doing Leading AppSec program assessments to evaluate current state, identify gaps, and help clients prioritize remediation efforts based on risk, resources, and organizational readiness Designing pragmatic security workflows, processes, tooling integrations, and developer friendly practices that engineering teams will actually adopt Getting hands-on when needed: implementing SAST/SCA/DAST/API tooling, configuring CI/CD security gates, building threat models, and conducting architecture reviews Navigating organizational complexity by helping clients