Senior Product Security Consultant

CENSUS LABS

Completely RemoteContractEngineering & Architecture
Posted Today

Job description

Responsibilities

  • Review and validate security documentation, including security targets, threat models, and trust boundaries.
  • Assess the accuracy and risk coverage of threat models using frameworks like STRIDE, LINDDUN, and OWASP.
  • Conduct architectural and implementation-level reviews of security controls such as encryption, access control, and key management.
  • Perform white-box and black-box security testing on APIs, mobile applications, backend services, and cloud infrastructure.
  • Validate the implementation of cryptographic controls, key lifecycle procedures, and secure communication protocols.
  • Analyze secure deployment configurations across containerized platforms, CI/CD pipelines, and cloud services.
  • Deliver comprehensive, standards-aligned technical reports and communicate risks to both technical and non-technical audiences.

Requirements

  • MSc or BSc in Computer Science, Electrical/Software Engineering, Cybersecurity, or a related technical discipline.
  • 3+ years of experience in product security, software evaluation, or penetration testing.
  • Proven ability to evaluate threat models, security requirements, and mitigation effectiveness.
  • In-depth understanding of security architecture and common system design patterns (API gateways, microservices, etc.).
  • Practical experience with security testing in diverse environments including mobile, embedded, web, and cloud.
  • Proficiency in applied cryptography (mTLS, E2EE, AEAD, key derivation).
  • Familiarity with structured security frameworks such as Common Criteria, FIPS 140, ISO 15408, OWASP ASVS, and MASVS.
  • Strong technical writing and documentation skills in English.

Preferred Qualifications

  • Ability to read and analyze source code in languages such as Python, Go, Java, C/C++, or Swift.
  • Experience debugging or instrumenting applications across edge, embedded, or cloud platforms.
  • Familiarity with Zero Trust architectures, enclaves, and confidential computing technologies.
  • Exposure to fuzzing, symbolic execution, or static analysis techniques.

About the Company

CENSUS LABS is a cybersecurity engineering powerhouse specializing in securing products and organizations. We are research-driven and trusted to conduct high-impact product security engagements, helping clients secure solutions from design to deployment across Secure Communications, IoT, Medical Devices, Mobile, and Vehicle Computing platforms.

Skills & tools

Product securityPenetration TestingThreat modeling

What the team is looking for

Use this list as a quick fit check before you apply.

  1. 01MSc or BSc in Computer Science or related field
  2. 023+ years in product security or penetration testing
  3. 03Experience with threat models (STRIDE, LINDDUN, OWASP)
  4. 04Knowledge of security frameworks (Common Criteria, FIPS 140, ISO 15408)
  5. 05Proficiency in applied cryptography
  6. 06Experience with API, mobile, and cloud security testing