Product Security Consultant

πŸ‡¬πŸ‡· Greece - Remote
πŸ”’ CybersecurityπŸ”΅ Mid-level

Job description

About CENSUS

CENSUS LABS is a cybersecurity engineering powerhouse specializing in securing products and organizations. Our identity is rooted in professionalism, engineering excellence, a scientific mindset, and hacking demeanor. We are research-driven, enabling us to deliver a diverse range of professional services.

CENSUS is trusted to conduct high-impact product security engagements, helping our clients secure their solutions from design to deployment, using realistic and risk-informed approaches. Our expertise spans end-to-end systems, including Secure Communications, IoT, Medical Devices, Mobile, and Vehicle Computing platforms.

Learn more about CENSUS at census-labs.com.

About the Job

CENSUS’ bespoke cybersecurity services are driven by a talented team of Security Engineers, Consultants, and Researchers whose work goes beyond traditional security assessment. Under the mentorship of our Engineering Managers, our consultants perform technical evaluations of complex systems and deliver insights that drive measurable improvements.

We are seeking a technically strong and detail-oriented Senior Product Security Consultant to join our Cybersecurity Engineering team. The ideal candidate will have extensive experience in product-level security verification, threat model analysis, and product-level testing.

You will be responsible for evaluating the security posture of software and system products by validating architecture, threat models, and security controls. You will participate in structured evaluation projects aligned with industry and regulatory standards such as Common Criteria, ISO/IEC 27002, or equivalent frameworks.

Key Responsibilities

  • Review and validate security documentation (e.g., Security Targets, threat models, trust boundaries, asset inventories).

  • Assess the completeness, accuracy, and risk coverage of various threat models and risk assessment frameworks (STRIDE, LINDDUN, OWASP, TARA, TAL, etc.).

  • Verify security requirement traceability across assets, trust boundaries, and system functions.

  • Conduct architectural and implementation-level reviews of security controls (e.g., encryption, access control, key management).

  • Perform targeted security testing (white-box and black-box) on system APIs, client/mobile apps, backend services, and cloud infrastructure.

  • Validate implementation of cryptographic controls, key lifecycle procedures, and secure communication protocols.

  • Evaluate the use of post-quantum cryptography and hybrid models in secure key management.

  • Analyze secure deployment configurations across containerized platforms (Docker, Kubernetes), CI/CD pipelines, and cloud services.

  • Deliver comprehensive, standards-aligned technical reports based on evaluation findings.

  • Communicate product security risks clearly to both technical and non-technical audiences.

Minimum Qualifications

  • Fluent in Greek

  • MSc or BSc in Computer Science, Electrical/Software Engineering, Cybersecurity, or a related technical discipline.

  • 3+ years of experience in product security, software evaluation, or penetration testing.

  • Proven ability to evaluate threat models, security requirements, and mitigation effectiveness.

  • Strong technical writing and documentation skills in English.

  • Excellent analytical skills and attention to detail.

Required Skills

  • In-depth understanding of security architecture and common system design patterns (e.g., API gateways, microservices, message queues, service meshes).

  • Hands-on experience performing design-level security reviews and verifying implementation alignment with defined threat models.

  • Familiarity with structured security frameworks such as Common Criteria, FIPS 140, ISO 15408, OWASP ASVS, and MASVS.

  • Practical experience with security testing in diverse product environments (mobile, embedded, web/cloud, API).

  • Knowledge of authentication, authorization, identity, and secrets management technologies (e.g., OAuth2, MFA, PKI, SSO, Cloud IAM, HashiCorp Vault).

  • Proficiency in applied cryptography (e.g., mTLS, E2EE, AEAD, key derivation, key wrapping, remote attestation).

  • Ability to identify security vulnerabilities across platforms (e.g., OWASP Top 10, misconfigurations, transport security gaps).

  • Excellent documentation and communication skills, able to articulate technical risks and findings to diverse audiences.

  • Problem solving skills, analytical thinking, and willingness to learn/grow.

Nice-to-Have Skills

  • Ability to read and analyze source code for logic flaws in one or more language families:

  • Mobile: Swift, Obj-C, Kotlin, Java, Dart, JavaScript

  • Web/Cloud: Java, Python, Go, PHP, Ruby, C#, JavaScript

  • Native/Embedded: C, C++

  • Experience debugging or instrumenting applications across edge, embedded, or cloud platforms.

  • Familiarity with Zero Trust architectures, enclaves, and confidential computing technologies.

  • Exposure to fuzzing, symbolic execution, or static analysis techniques.

  • Experience collaborating with distributed teams across different time zones and cultures.

Share this job:
Please let CENSUS know you found this job on Remote First Jobs πŸ™

Similar Remote Jobs

CENSUS logo

CENSUS

  • 3 remote jobs

Latest Jobs at CENSUS

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service πŸ™

Apply