Offer summary

Qualifications:

Over 10 years of experience in Application Security, DevSecOps, or cybersecurity consulting for mid to large enterprises., Proven ability to design secure coding programs and security awareness initiatives., Experience in pre-sales activities including scoping, pricing, and pitching security services., Strong communication skills with the ability to present complex security concepts to executive stakeholders..

Key responsibilities:

Engage in pre-sales solution design and strategic advisory for key clients.

Lead discovery sessions and assessments to identify security process gaps and recommend tailored solutions.

Define ROI, risk, and adoption KPIs, and provide guidance for client team upskilling.

Deliver professional services engagements and develop industry-leading playbooks and templates.

Job description

Secure Code Warrior’s mission is to establish new standards for coding that transform the ways software is created. We do this by providing the world’s leading agile learning platform that delivers the most effective secure coding solution for developers to learn, apply, and retain software security principles. More than 600 enterprises trust Secure Code Warrior to implement agile learning security programs, build safer software, and create a culture of developerdriven security. We are a venturebacked company with offices in Australia, the United States, Belgium, Iceland, and the United Kingdom.

As a Principal Consultant, you are the key to unlocking the full strategic value of Secure Code Warrior for our most important customers. This role is a critical evolution of traditional consulting, blending presales solution design with postsales strategic advisory. You will partner with our sales team to engage prospects early, understanding their core business drivers and designing highlevel security program strategies that position our product and services as an essential investment.

You are not just delivering a service; you are building a business case, shaping a vision, and acting as a trusted advisor to security and engineering leaders. Your success is defined by your ability to elevate the conversation from tactical implementation to strategic business transformation, driving larger deals and ensuring our customers achieve measurable value.

What are the essential duties of this role?Pre‑Sales Advisory: Join discovery calls, run “Onboarding & Support” workshops, scope PS proposals, and co‑author SOWs for all land deals.
AppSec & Program Assessment: Lead discovery sessions to identify process & strategy gaps in existing Secure Code Warrior deployments, and make tailored recommendations.
Executive Metrics Coaching: Define ROI, risk, and adoption KPIs. Provide templates and guidance for upskilling client teams.
Stakeholder Alignment: Facilitate workshops to align engineering, security, and leadership. Remove blockers and drive decisions.
Engagement Delivery: Deliver PS engagements for 34 concurrent engagements.
IP & Methodology Development: Create and maintain playbooks, templates, and AI‑driven accelerators for the PS team.
Industry Learning: Stay current on AppSec trends and AI usage in security. Feed insights back into product and service offerings.
Executive Reporting: After every pre‑sales call or delivery milestone, package the key takeaways—tailored advice, rollout steps, and next actions into a crisp report the client can forward straight to leadership.
Hands‑On Platform Expertise: Know the SCW platform and Developer Risk Management (DRM) inside out. Dive into the console and data to demonstrate features live. Design program plans that keep DRM and SCW at the core.

Traits Needed
Commercial Acumen: Thinks like a business partner. Quickly grasps a clients business landscape and challenges, and crafts compelling, commerciallyviable solutions that align our services with their strategic and financial goals.
Influential Stakeholder Engagement: Builds immediate credibility and trust with senior executives (Head of Appsec, Director of Engineering, CISO). Articulates complex security concepts in terms of business value and risk, persuading decisionmakers during both presales and delivery.
Strategic Program Design: Goes beyond tools to develop holistic, realistic business plans for security initiatives. Designs highlevel implementation roadmaps during the sales cycle that integrate measurable business value, and organizational change.
Change Management & Communication: Expertly guides clients through organizational change. Adapts messaging to be succinct and outcomefocused for executives, while remaining detailed and technical for engineering teams, ensuring smooth adoption.
Creative ProblemSolving: Thrives in ambiguity. Can think on their feet to remove blockers, maintain momentum, and creatively solve complex customer challenges in highpressure sales and delivery environments.
Deep AppSec Domain Expertise: Possesses a comprehensive understanding of the AppSec landscape, including SAST, SCA, Threat Modeling, and developer training, and leverages this to establish credibility and design effective programs.
AIDriven Ways of Working: Has experience leveraging AI to enhance efficiency, generate insights, and innovate within a consulting or security context, demonstrating an ability to transform their own work and advise clients on modern approaches.
Chromebook and Google Suite fluency: Prior experience working fluently using Chromebook and Google Workspace for docs, slides, and real‑time collaboration. Alternatively, comfortable adopting new apps fast when needed.

What You Will Bring:
10+ years in AppSec, DevSecOps, or cybersecurity consulting for mid‑to‑large enterprises.
Proven record designing secure‑coding programs or other Appsec Security Awareness programs.
Pre‑sales experience in scoping, pricing, and pitching services.
Trusted advisor to Appsec teams; can present business cases in plain language.
Change‑management expertise; able to coach teams through adoption hurdles.
Excellent written, verbal, and virtual‑presentation skills.
Hands‑on familiarity with AI productivity tools (eg. Gemini, ChatGPT) and a habit of sharing efficiencies created.