Senior Product Security Consultant

October 23

Apply Now

Receive Emails with Similar Jobs

Finite State

WebsiteLinkedInAll Job Openings

Cybersecurity • Enterprise • SaaS

Finite State is a leading provider of comprehensive software risk management solutions, focused on securing digital assets and enhancing the security of connected devices across various industries. Their platform is designed to address the unique challenges of device security, such as long lifecycles, complex supply chains, and vendor transparency issues. Finite State offers solutions for software supply chain security, SBOM management, incident response, and vulnerability management, helping organizations adhere to cyber compliance and manage risk effectively. With capabilities to scan source code, binaries, and third-party components, Finite State delivers unmatched visibility and protection for a wide range of connected devices, including those in automotive, medical, industrial, energy, and government sectors.

51 - 200 employees

Founded 2017

🔒 Cybersecurity

🏢 Enterprise

☁️ SaaS

📋 Description

• Own and lead product security consulting engagements end-to-end — including client scoping, proposal writing, delivery, and outcomes. • Deliver product security services such as security control validation, policy implementation, secure development lifecycle integration, penetration testing advisory, and risk assessments. • Translate security findings into business-aligned, actionable recommendations for both technical and executive audiences. • Serve as a trusted advisor to clients — including CSOs, compliance leaders, and engineering teams — helping them mature their product security posture. • Consult on global regulatory mandates relevant to connected systems (e.g., FDA 524B, CRA, Department of Commerce Connected Vehicle Rule, NIST, EO 14028), translating those into practical implementation plans. • Guide clients on security integration into DevOps pipelines, including tooling strategy and SBOM/vulnerability workflows. • Drive urgency and accountability across all engagements — from early discovery through program handoff and beyond. • Take ownership of program management and delivery outcomes — maintaining high standards for communication, execution, and customer satisfaction.

🎯 Requirements

• 8–10+ years of hands-on experience in product security and/or product security consulting — including embedded systems, connected device platforms, or firmware security. • Demonstrated experience delivering product security services as a consultant or internal lead — not just advising, but doing. • Background in startups or fast paced consulting environments with high accountability and direct client engagement. • Proven ability to scope, lead, and execute consulting projects independently. • Strong understanding of product security controls, penetration testing, secure product design, and related regulatory frameworks. • Experience operating as a solo consultant or lead contributor, capable of managing multiple high-urgency priorities. • Ability to credibly advise senior stakeholders and CSOs — grounded in knowledge, presence, and delivery over polish. • Strong program management discipline — with a focus on execution, timelines, and business impact.

🏖️ Benefits

• Health insurance • 401(k) matching • Flexible work hours • Paid time off • Professional development opportunities