Sr. Product Security Consultant
Senior Product Security Consultant
Remote – United States
Role Summary
We are seeking a Senior Product Security Consultant to join our Product Security Services team and deliver outcome-driven, end-to-end consulting engagements focused on securing embedded and connected devices.
This is a high-priority, senior individual contributor role, ideal for someone who has both deep product security experience and a strong consulting presence. You'll be responsible for owning the full lifecycle of service engagements — including scoping, proposal development, execution, delivery, and post-engagement support.
You’ll work directly with engineering and security leaders across industries, offering practical, actionable guidance around secure product development, testing, risk reduction, and compliance. While not a leadership role in title, this position requires the presence and expertise to advise CSOs and senior stakeholders, acting as the face of product security delivery for our clients.
If you're a product security expert with a consultative mindset who thrives in fast-paced environments, knows how to command a room, and enjoys delivering real results, this could be a strong fit.
Responsibilities
Own and lead product security consulting engagements end-to-end — including client scoping, proposal writing, delivery, and outcomes.
Deliver product security services such as security control validation, policy implementation, secure development lifecycle integration, penetration testing advisory, and risk assessments.
Translate security findings into business-aligned, actionable recommendations for both technical and executive audiences.
Serve as a trusted advisor to clients — including CSOs, compliance leaders, and engineering teams — helping them mature their product security posture.
Consult on global regulatory mandates relevant to connected systems (e.g., FDA 524B, CRA, Department of Commerce Connected Vehicle Rule, NIST, EO 14028), translating those into practical implementation plans.
Guide clients on security integration into DevOps pipelines, including tooling strategy and SBOM/vulnerability workflows.
Drive urgency and accountability across all engagements — from early discovery through program handoff and beyond.
Take ownership of program management and delivery outcomes — maintaining high standards for communication, execution, and customer satisfaction.
What We’re Looking For
8–10+ years of hands-on experience in product security and/or product security consulting — including embedded systems, connected device platforms, or firmware security.
Demonstrated experience delivering product security services as a consultant or internal lead — not just advising, but doing.
Background in startups or fast paced consulting environments with high accountability and direct client engagement.
Proven ability to scope, lead, and execute consulting projects independently.
Strong understanding of product security controls, penetration testing, secure product design, and related regulatory frameworks.
Experience operating as a solo consultant or lead contributor, capable of managing multiple high-urgency priorities.
Ability to credibly advise senior stakeholders and CSOs — grounded in knowledge, presence, and delivery over polish.
Strong program management discipline — with a focus on execution, timelines, and business impact.
It’s a Plus If You Also Have
Experience in industries such as Automotive, Industrial Control Systems, or Consumer Electronics.
Familiarity with regulatory standards like FDA Premarket Guidance, Cyber Resilience Act, US Department of Commerce Connected Vehicle Rule, NIST 800-53/82, or ISO 26262/62443.
Hands-on experience with SBOMs, vulnerability management, and secure SDLC practices.
Experience engaging directly with regulators, key customers, or partners around security posture and compliance.
Familiarity with commercial or open-source tools for binary/static analysis, SCA, or CI/CD security automation.
Sr. Product Security Consultant
Senior Product Security Consultant
Remote – United States
Role Summary
We are seeking a Senior Product Security Consultant to join our Product Security Services team and deliver outcome-driven, end-to-end consulting engagements focused on securing embedded and connected devices.
This is a high-priority, senior individual contributor role, ideal for someone who has both deep product security experience and a strong consulting presence. You'll be responsible for owning the full lifecycle of service engagements — including scoping, proposal development, execution, delivery, and post-engagement support.
You’ll work directly with engineering and security leaders across industries, offering practical, actionable guidance around secure product development, testing, risk reduction, and compliance. While not a leadership role in title, this position requires the presence and expertise to advise CSOs and senior stakeholders, acting as the face of product security delivery for our clients.
If you're a product security expert with a consultative mindset who thrives in fast-paced environments, knows how to command a room, and enjoys delivering real results, this could be a strong fit.
Responsibilities
Own and lead product security consulting engagements end-to-end — including client scoping, proposal writing, delivery, and outcomes.
Deliver product security services such as security control validation, policy implementation, secure development lifecycle integration, penetration testing advisory, and risk assessments.
Translate security findings into business-aligned, actionable recommendations for both technical and executive audiences.
Serve as a trusted advisor to clients — including CSOs, compliance leaders, and engineering teams — helping them mature their product security posture.
Consult on global regulatory mandates relevant to connected systems (e.g., FDA 524B, CRA, Department of Commerce Connected Vehicle Rule, NIST, EO 14028), translating those into practical implementation plans.
Guide clients on security integration into DevOps pipelines, including tooling strategy and SBOM/vulnerability workflows.
Drive urgency and accountability across all engagements — from early discovery through program handoff and beyond.
Take ownership of program management and delivery outcomes — maintaining high standards for communication, execution, and customer satisfaction.
What We’re Looking For
8–10+ years of hands-on experience in product security and/or product security consulting — including embedded systems, connected device platforms, or firmware security.
Demonstrated experience delivering product security services as a consultant or internal lead — not just advising, but doing.
Background in startups or fast paced consulting environments with high accountability and direct client engagement.
Proven ability to scope, lead, and execute consulting projects independently.
Strong understanding of product security controls, penetration testing, secure product design, and related regulatory frameworks.
Experience operating as a solo consultant or lead contributor, capable of managing multiple high-urgency priorities.
Ability to credibly advise senior stakeholders and CSOs — grounded in knowledge, presence, and delivery over polish.
Strong program management discipline — with a focus on execution, timelines, and business impact.
It’s a Plus If You Also Have
Experience in industries such as Automotive, Industrial Control Systems, or Consumer Electronics.
Familiarity with regulatory standards like FDA Premarket Guidance, Cyber Resilience Act, US Department of Commerce Connected Vehicle Rule, NIST 800-53/82, or ISO 26262/62443.
Hands-on experience with SBOMs, vulnerability management, and secure SDLC practices.
Experience engaging directly with regulators, key customers, or partners around security posture and compliance.
Familiarity with commercial or open-source tools for binary/static analysis, SCA, or CI/CD security automation.