Job responsibilities
- Guides the evaluation of current cybersecurity principles, processes, and controls, and leads the assessment of new technology using existing standards and frameworks
- Independently performs analysis and develops reports to identify security risks to protect data, applications, and infrastructure using modern tools
- Conducts security reviews and produces threat models
- Regularly provides technical guidance and direction to support the business and its engineering teams, product managers and vendors
- Works with stakeholders and senior leaders to recommend actions to mitigate vulnerabilities and uplift application, platform or tooling security maturity
- Serves as function-wide subject matter expert in one or more areas of product security
- Influences peers and project decision-makers to consider the use and secure deployment of leading-edge technologies and patterns
- Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification in cybersecurity and 5+ years applied experience across one or more functional product security areas (e.g. threat modeling, vulnerability assessments, encryption, IAM, network protocols, API security)
- Familiarity across a range of security frameworks and guidelines (e.g. OWASP, NIST, ISO) and experience reconciling design documentation and architecture with applicable industry standards and best practices
- Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
- Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., SaaS, public cloud, AI, ML, LLMs, tooling design/development, containers)
- Ability to tackle design and functionality problems independently with little to no oversight
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for future state architecture & enterprise integrations
- Proven experience leading projects from scoping to delivery
Preferred qualifications, capabilities, and skills
- Ability to concisely present and communicate complex technical topics to a wide array of stakeholders
- Experience and/or advanced knowledge of architecture, applications, and technical processes as it relates to enterprise scale applications, tooling and or platform security