logo inner

Senior Product Security Consultant

CENSUS SAAbu Dhabi, United Arab EmiratesOnsite

About CENSUS


CENSUS LABS is a cybersecurity engineering powerhouse specializing in securing products and organizations. Our identity is rooted in professionalism, engineering excellence, a scientific mindset, and hacking demeanor. We are research-driven, enabling us to deliver a diverse range of professional services. CENSUS is trusted to conduct high-impact product security engagements, helping our clients secure their solutions from design to deployment, using realistic and risk-informed approaches. Our expertise spans end-to-end systems, including Secure Communications, IoT, Medical Devices, Mobile, and Vehicle Computing platforms.

Learn more about CENSUS at census-labs.com.

About the Job


CENSUS’ bespoke cybersecurity services are driven by a talented team of Security Engineers, Consultants, and Researchers whose work goes beyond traditional security assessment. Under the mentorship of our Engineering Managers, our consultants perform technical evaluations of complex systems and deliver insights that drive measurable improvements. We are seeking a technically strong and detail-oriented Senior Product Security Consultant to join our Cybersecurity Engineering team. The ideal candidate will have extensive experience in product-level security verification, threat model analysis, and product-level testing.

You will be responsible for evaluating the security posture of software and system products by validating architecture, threat models, and security controls. You will participate in structured evaluation projects aligned with industry and regulatory standards such as Common Criteria, ISO/IEC 27002, or equivalent frameworks.

Key Responsibilities


  • Review and validate security documentation (e.g., Security Targets, threat models, trust boundaries, asset inventories).

  • Assess the completeness, accuracy, and risk coverage of various threat models and risk assessment frameworks (STRIDE, LINDDUN, OWASP, TARA, TAL, etc.).

  • Verify security requirement traceability across assets, trust boundaries, and system functions.

  • Conduct architectural and implementation-level reviews of security controls (e.g., encryption, access control, key management).

  • Perform targeted security testing (white-box and black-box) on system APIs, client/mobile apps, backend services, and cloud infrastructure.

  • Validate implementation of cryptographic controls, key lifecycle procedures, and secure communication protocols.

  • Evaluate the use of post-quantum cryptography and hybrid models in secure key management.

  • Analyze secure deployment configurations across containerized platforms (Docker, Kubernetes), CI/CD pipelines, and cloud services.

  • Deliver comprehensive, standards-aligned technical reports based on evaluation findings.

  • Communicate product security risks clearly to both technical and non-technical audiences.

Minimum Qualifications


  • MSc or BSc in Computer Science, Electrical/Software Engineering, Cybersecurity, or a related technical discipline.

  • 5+ years of experience in product security, software evaluation, or penetration testing.

  • Proven ability to evaluate threat models, security requirements, and mitigation effectiveness.

  • Strong technical writing and documentation skills in English.

  • Excellent analytical skills and attention to detail.

Required


Skills


  • In-depth understanding of security architecture and common system design patterns (e.g., API gateways, microservices, message queues, service meshes).

  • Hands-on experience performing design-level security reviews and verifying implementation alignment with defined threat models.

  • Familiarity with structured security frameworks such as Common Criteria, FIPS 140, ISO 15408, OWASP ASVS, and MASVS.

  • Practical experience with security testing in diverse product environments (mobile, embedded, web/cloud, API).

  • Knowledge of authentication, authorization, identity, and secrets management technologies (e.g., OAuth2, MFA, PKI, SSO, Cloud IAM, HashiCorp Vault).

  • Proficiency in applied cryptography (e.g., mTLS, E2EE, AEAD, key derivation, key wrapping, remote attestation).

  • Ability to identify security vulnerabilities across platforms (e.g., OWASP Top 10, misconfigurations, transport security gaps).

  • Excellent documentation and communication skills, able to articulate technical risks and findings to diverse audiences.

  • Problem solving skills, analytical thinking, and willingness to learn/grow.

Nice-to-Have Skills


  • Ability to read and analyze source code for logic flaws in one or more language families:

  • Mobile: Swift, Obj-C, Kotlin, Java, Dart, JavaScript

  • Web/Cloud: Java, Python, Go, PHP, Ruby, C#, JavaScript

  • Native/Embedded: C, C++

  • Experience debugging or instrumenting applications across edge, embedded, or cloud platforms.

  • Familiarity with Zero Trust architectures, enclaves, and confidential computing technologies.

  • Exposure to fuzzing, symbolic execution, or static analysis techniques.

  • Experience collaborating with distributed teams across different time zones and cultures.

Life at CENSUS SA

Thrive Here & What We Value1. Collaborative Work Environment2. Efficient Work Environment3. Personal Development Opportunities4. Creative Work Environment5. Equal Opportunity Employer6. Reasonable Accommodations for Disabled Employees7. Prohibition of Harassment Based on Protected Status8. Cuttingedge Research and Scientific Analysis9. Indepth Engineering Experience across Various Industries & Technologies10. Enjoyable Work Environment
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025