Sisense Manager Product Security 

Remote, Remote 

511450658

As the Manager of Product Security, you will play a crucial role in ensuring the security and integrity of our SaaS (Software as a Service) platform. You will lead a team responsible for threat modeling, conducting shift left reviews, and managing vulnerability remediation efforts. Your security expertise best practices, threat assessment, and proactive risk mitigation will be essential in safeguarding our platform and protecting our customers' data.

Key Responsibilities:

• Threat Modeling: Collaborate with cross-functional teams to identify potential security threats and vulnerabilities in the SaaS platform. Conduct thorough threat modeling exercises to assess risks and prioritize mitigation strategies.
• Shift Left Reviews: Implement and oversee shift left security practices to integrate security measures early in the software development lifecycle. Work closely with development teams to conduct code reviews, identify security gaps, and enforce secure coding standards.
• Vulnerability Remediation: Lead efforts to identify, prioritize, and remediate security vulnerabilities in the SaaS platform. Coordinate with development teams to implement patches, updates, and security fixes in a timely manner.
• Security Testing: Develop and execute comprehensive security testing plans, including penetration testing, code scanning, and vulnerability assessments. Analyze test results to identify security weaknesses and recommend remediation actions.
• Security Awareness and Training: Foster a culture of security awareness within the organization by providing regular training sessions and educational materials. Keep abreast of the latest security threats, trends, and best practices to continuously enhance the security posture of the SaaS platform.
• Compliance and Regulatory Requirements: Ensure that the SaaS platform complies with relevant security standards, industry regulations, and data protection laws. Stay informed about evolving compliance requirements and drive initiatives to maintain compliance across all aspects of product security.
• Incident Response: Develop and maintain incident response plans and protocols to effectively respond to security incidents and breaches. Lead investigations into security incidents, implement remediation actions, and identify lessons learned to strengthen security defenses.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
• Proven experience 8+ years in product security, with a focus on threat modeling, shift left reviews, and vulnerability management.
• Strong understanding of security principles, protocols, and best practices.
• Hands-on experience with security testing tools and techniques, such as penetration testing, code scanning, and vulnerability assessment.
• Excellent communication skills with the ability to effectively collaborate with cross-functional teams and communicate complex security concepts to non-technical stakeholders.
• Experience deploying programs using OWASP Top Ten and MITRE ATT&CK frameworks
• Relevant certifications (e.g., CISSP, CISM, CEH) preferred.
• Experience working in a SaaS environment is needed.