Product Security Lead

Resolvit.com - Remote

RESOLVIT

Bringing Solutions That Make Business Better

Join Resolvit as a Product Security Lead and be part of a creative, forward-thinking team. Our success at deploying skilled, highly knowledgeable experts has landed us on the Inc. 5000 list of America’s fastest-growing companies four times – and we’re just getting started.

As the Product Security Lead, you will be the head security resource for your division. You will be accountable for supporting the implementation and maintenance of PSO initiatives as well as security practices, security culture, and product security evangelism and engagement. You will also serve as a stakeholder in secure design review and threat modeling and represent security perspectives in design. Additionally, you will:

  • Provide product security expertise and thought leadership to the business unit while prioritizing product security initiatives
  • Provide training, coaching, and consultation on secure development practices to the business and product development teams
  • Be the business unit focal point for business-critical customer cybersecurity issues (PSIRT), product security compliance, or external security certifications
  • Maintain a close relationship with the technical product security testing team to deliver against the strategic priorities and projects
  • Provide input and support product development teams throughout the product development lifecycle on a variety of product security requirements including secure coding and design, secure code reviews, security testing, and third-party component risk assessment and mitigation
  • Research and evaluate security tooling, determine the best technology for your product, and collaborate with PSO to ensure technology and tooling align with software security goals and strategy
  • Lead development, implementation, and testing of prototypes or solutions for automating routine security tasks
  • Participate in planning and execution of product security events (Open Forums, bug bounties, bug bashes, Cybersecurity Awareness Month)
  • Professionally develop security leadership via continuous education and training (such as pursuing leading industry certifications like CSSLP and CISSP)
  • Lead independent product team initiatives for your group and ensure that teams are properly enforcing security standards and requirements
  • Lead POCs for new security technologies and techniques (such as integration with Microsoft Azure security infrastructure)
  • Evaluate customer requirements and how SAS software’s security features can better integrate/perform
  • Interface with release engineering and IT on tooling infrastructure
  • Troubleshoot tooling failures and issues for other teams
  • Document frequently asked questions and contribute to the security knowledge base
  • Answer product security questions for other engineers and developers in MSFT (such as PSO Help + Security Champions Teams channels)

What You’ll Need to be Successful:

  • At least 3 years of experience in product development or product lifecycle management
  • At least 1 year of experience with information security controls or security risk management
  • Bachelor’s degree
  • Excellent scripting and debugging skills on JavaScript, Python Scripting, Go, PHP, or Ruby
  • Excellent interpersonal and written and verbal communications skills
  • Demonstrated ability to engage with highly technical concepts
  • Ability to translate business objectives into security terms and vice versa
  • Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change while multitasking effectively
  • Experience conducting security product reviews
  • Experience creating executive level presentations
  • Experience with both automated (SAST, DAST, SCA) and manual secure code reviews (penetration testing)
  • Understanding of ‘Secure by Design” principles and secure development frameworks (BSIMM, SANS, OWASP)
  • Current knowledge of cybersecurity trends and remediation or mitigation approaches
  • Certification related to information security and privacy (CSSLP, CISSP)
  • Experience releasing products that balance business objectives and technical features while mitigating cyber risk (prioritized remediation plans)

Benefits:

At Resolvit, you’ll be given the support you need to grow in your consulting career. In addition to opportunities for advancement, we offer:

  • Medical, dental, and vision insurance
  • Life insurance coverage
  • Long-term and short-term disability coverage
  • 401(k) retirement plan with matching
  • Professional support from our Client & Employee Optimization Specialist

We currently have more than 100 open career opportunities across the country, so be sure to mention the appropriate Job Code with any correspondence!

About Resolvit:

Resolvit is an international technology consulting firm with industry-leading customers in the financial services, high tech, manufacturing, retail, life sciences, and government sectors. Through its partnerships, Resolvit delivers highly impactful, innovative solutions across five core areas: Infrastructure Modernization, Application Development Services, Enterprise Data Management & Analytics, Knowledge & Content Management, and Strategic Staffing.



Posted On: Monday, April 18, 2022



Apply to this job
  • It is the policy of Resolvit, LLC to provide and administer employment, training, compensation, promotion, benefits and employment practices without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, age, disability, medical condition, veteran status, marital status, or political affiliation.