Realtor.com is looking to grow the application security program focused on product security. This group will build and execute a strategy responsible for making sure customer facing products are designed and implemented to the highest security standards through a partnership with the product engineering teams. The ideal candidate would have a good mix of technical and people skills.
This position will report directly to the Chief Information Security Officer (CISO). As the company invests further in this area, there is room for innovation and growth for a hands-on, collaborative and energetic individual.
Duties & Responsibilities
- In collaboration with the CISO and the product security team build, maintain and execute a strategy to secure our customer facing products
- Process & Standards Development
- Oversee our Agile-SDL process ensuring security throughout all phases of the SDL
- Partner with the business to understand the needs and demands of the clients, partners and the marketplace and develop security standards and policies to ensure products are built to meet those needs
- Support product engineering teams to address security issues and ensure sound trade-offs
- Develop and maintain product security dashboards ensuring executive and other non-technical stakeholder audiences have real time visibility to the security of each product.
- Technical Security
- Serve as the security SME for product engineering teams
- Support product engineering teams in developing threat models for new and updated products
- Work alongside technical architects to develop and maintain secure architectural patterns
- Contribute user stories to address security requirements and work with product engineering teams and stakeholders to prioritize them.
- Work with software engineers to design preventative and/or detective controls for specific security issues
- Work with engineering teams to build and socialize re-usable security components
- Socialize automated security tools and guide product engineering teams to integrate these within their CI/CD workflows and test environments
- Work with members of security intelligence and response team to integrate security monitoring of products and build use cases
- Work with members of security engineering team to develop and evangelize security solutions that solve security challenges that engineering teams face
- Security awareness and evangelism
- Collaborate with the application security team to execute a security champions program within the product engineering teams aimed at instilling security into the culture of product engineering
- Lead conversations about security with prospective and current clients alongside the business and sales team
- Develop security material (brochures, white-papers) for consumption by customers showcasing the security of our products
Requirements
- Bachelor’s degree in Computer Science, IT Systems Management, or Mathematics
- 3 to 5 years of software development with at least 2 years in developing secure systems
by via developer jobs - Stack Overflow
No comments:
Post a Comment