My Fortune 50 client is looking for a Senior Staff Product Security Leader to work with our Power/Utility customers and internal teams to develop and deliver secure solutions. In this role you will need blend of strong cyber security expertise, program management skills, and software or power engineering experience.
Essential Responsibilities
You are a highly technical security professional who enjoys challenging problems, is at ease with customers, and has the desire and fortitude to ensure accuracy and meticulous attention in everything you do.
- Work with customer install base to protect Critical Infrastructure as cyber events increase
- Interpret and scope solutions based upon customer security requirements
- Interface with customers – prepare/present reports at the appropriate level of the stakeholders, be prepared to answer all security related questions
- Provide customer confidence by proactively addressing industry-wide branded bugs/attacks; drive vulnerabilities to closure
- Stay current on industry cyber trends by monitoring news, reading standards, attending cyber conferences
- Ensure that our customer deliveries provide all that is required for customers to maintain CIP compliance
- Ensure security policies, procedures (ISO 27001) and contractual obligations are met
- Execute information management surveys
- Prepare and present security training to staff
- Engage in application and domain-specific threat modeling and attack surface analysis & reduction
- Work both independently and a part of a team
- Promote best practices, design patterns, and standards through workshops, knowledge transfers, and code walk-throughs
Basic Qualifications:
- Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) , Master’s Degree preferred.
- Minimum 8 years of progressive cyber security experience
- Must be open to a flexible work schedule to collaborate with our global team and customers
Eligibility Requirements:
- Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.
Desired Characteristics/Technical Expertise:
- Strong leadership skills
- Ability to effectively communicate with customers, engineering leaders and internal stakeholders
- Ability to work independently
- Ability to work in a globally dispersed team
- Regulatory/standards mindset, collaboration comfortable, independently driven, excellent communicator, meticulous attention to detail and documentation
- Active professional certification (GIAC, CompTIA, CEH, etc.)
- Experience participating in cyber security audits using framework such as ISO 27001
- Collaboration experience with Agile development teams
- Passion for secure coding principles as both a hands-on user and instructor
- Experience with scripting, security tools selection and integration
- Experience building manual security tests, and using tools for penetration testing and ethical hacking
- Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
- Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
- Experience with integration security challenges such as securing databases and web servers
- Knowledge and experience participating in Threat Modeling, risk analysis and evaluation techniques
- Deep knowledge of Cyber Security, but broad knowledge of engineering and infrastructure functions
- Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment