back Back to Jobs

Manager of Product Security



Location: Hoffman Estates, IL
Job # 10991791
Date Posted: 05-24-2018
Manager of Product Security
Location: Hoffman Estates, IL
Duration: 6-12 months Contract W2

Resumes to: recruiter@romackinc.com
 
Positions Summary:
The Director, Product Security will be responsible, on behalf of the client Chief Security Officer (CSO) for the leadership of Product Security and the Product Security team within the client Global Security Office. The Director, Product Security will lead global efforts in securing the diverse client suite of Products and Services. The role is responsible for managing a team of Product Security Architects and specialists in the identification and prioritization of risks associated with the development and operation of client products and services. The Director will be responsible for the deployment of technology and processes designed to mitigate vulnerabilities early in the development lifecycle to ensure that client embeds ‘Security by Design’ in to our suite of products.  The role will define and execute the Product Security strategy for the organization globally.
 
The Director will be responsible for building key senior level relationships with both the Research and Development and Product functions in order to influence and drive a security culture and to ensure that security and resiliency are a consideration throughout the development and operational lifecycle. The Director will be responsible for working closely with Research and Development leadership to help to define the security aspects of the software development lifecycle and to identify and advise on the tools necessary to enable the client to build secure products whilst limiting the impact on the speed of development.
 
Position Responsibilities: 
  • Ambassador for the Information Security Program. Leadership and execution in reducing Product Security Risk globally.
  • Oversee Product Security Infrastructure and Engineering. Advise and consult on operational monitoring of products and services within the client Security Operations Centre (SOC).
  • Oversee a team of Product Security Architects and Specialists responsible for identifying and consulting on product security risks and vulnerabilities.
  • IT and Business Unit collaboration for security architecture, engineering, implementation and operations
  • Works with the Risk Management team to coordinate and lead on risks management activities associated with Product Security
  • Develops and maintains Product Security Strategy on behalf of the client Chief Security Officer.
  • Develops and executes global standards for Product Security in conjunction with the security compliance and assurance function.
  • Works with the Culture of Security function to aid in the development and management of security education and awareness around product security.
  • Collaborates effectively with cross-functional entities across the enterprise.
  • Organizational direction, time management, problem-solving, prioritization, goal setting, leadership and motivation, negotiation, interpersonal relations, verbal/written communications and human resource management.
  • Works closely with the Risk Management team and the client Chief Security Officer in the development and monitoring of risk metrics and measurements suitable for all levels of the organization, including, executive leadership, functional management and the Board of Directors.
 
Most Critical Skills:
  • Certifications: CISSP, CISM, CEH, SANs,
  • 8 -12 years information security and application security experience in a large and complex  business environment
  • 3-5 years’ experience identifying and remediation information security risks as part of a vulnerability assessment and remediation programs.
  • Strong knowledge of security methodologies, policies, standards and best practices.
  • Previous experience of building or scaling an application security function within a technology environment.
  • Knowledge of software development methodologies such as Waterfall and Agile, as well as the associated tools and processes.
  • Existing experience in embedding security within a Software Development Life-cycle
  • Experience in Operational Risk models and a successful track record working with the business to reduce risk and deliver comprehensive security and privacy programs.
  • Experience working directly with Customers, representing the firm’s positions on security, risk, resiliency and privacy issues.
  • Varied experience in Application Security, Static code analysis, Penetration Testing and vulnerability assessment.
this job portal is powered by CATS