Senior Director, Product Security
Company: Workato Inc
Location: Mountain View
Posted on: April 18, 2024
|
|
Job Description:
Responsibilities
Workato is looking for an exceptional security leader to establish
and lead a global security team responsible for Workato's product
and infrastructure security.
The Sr. Director of Product Security is a hands-on leader
responsible for leading the product security efforts across our
entire product line. This role requires a unique blend of
real-world experience and theoretical knowledge in various aspects
of software security, including but not limited to application
security, cloud security, secure coding practices, and security
architecture. The ideal candidate will have a proven track record
of hands-on security work and the ability to lead a team of
security professionals.
In this role, you will also be responsible to:
Lead the company's development and implementation of a
comprehensive product security strategy.
As a hands-on leader, manage and mentor a team of security
engineers and analysts, providing guidance and direction for their
professional growth.
Identify, develop, implement, and maintain security programs and
processes across product development and production
environments.
Define strategic direction, set objectives, and structure and
resource the organization and the work in a way that improves the
team's impact and provides a paved path to a leadership position
among SaaS providers, including application security,
infrastructure security, and data security.
Oversee critical cybersecurity areas, including incident response,
disaster recovery, awareness, monitoring, remediation, information
governance, and digital security.
Lead all product security operations that protect against immediate
threats and respond when something goes wrong.
Grow the product security programs and capabilities to an
industry-leading position, finding opportunities to improve our
existing approach and helping to guide the team to unlock that
potential.
Build strong relationships within the product, engineering and
operations teams to implement the appropriate security controls to
protect Workato's applications, infrastructure, and data.
Communicate effectively with stakeholders at all levels about the
security posture of products and the importance of product
security.
Develop and oversee the development and enforcement of security
policies and procedures based on industry-standard best
practices.
Partner closely with executive leadership to ensure that all
applications and platforms are developed with security in mind and
that appropriate security controls have been implemented while
driving continuous investment into the cybersecurity areas.
Utilize business-relevant metrics to measure the efficiency and
effectiveness of the program, facilitate appropriate resource
allocation and increase the security program's maturity.
Work closely with internal stakeholders and business units to keep
abreast of planned changes to technologies, working practices, and
business activities that could impact the organization's
Information Security or risk profile.
Support continued compliance with SOC2, HIPAA and other currently
required standards and act as Product and Engineering technical
lead within product security to expand certifications to include
PCI, NIST800-171, ISO27001/277001, and FedRAMP. Ensure operation of
related controls. Coordinate the provision of required evidence for
audit.
Lead incident response activities and post-mortem analysis for any
security breaches or incidents, liaising with the Legal, Security
and Privacy teams on data protection, ensuring root causes of such
breaches are understood and addressed.
Conduct hands-on security assessments, code reviews, and
penetration testing to identify product vulnerabilities and
security gaps as needed.
Leverage Workato as an automation solution for SOAR, GRC and other
security-related use cases
Requirements
Qualifications / Experience / Technical Skills
Minimum of 7 years of experience in product security, application
security, or a related field.
Hands-on experience designing and deploying security controls
across all security domains, such as access management, data
protection, vulnerability management, incident response and
management, application security, network security, preventive,
detective, and offensive security solutions.
Deep understanding of security principles, techniques, and
technologies such as OWASP Top 10, SANS Top 25, encryption,
identity and access management, network security, and cloud
security.
Familiarity with compliance frameworks and standards such as ISO
27001, SOC 2, GDPR, and CCPA.
An understanding of Application Security threats and
countermeasures
Practical knowledge of security technologies, especially those
applying to SaaS Web applications and wider business solutions,
including Firewalls, IDS/IPS, Identity and access management, SIEM,
Data Loss Protection, BCP, and Cloud Security
Ability to provide strategic product security mentorship based on
experience performing threat modeling and design reviews to assess
security implications and requirements
Bachelor's or Master's degree in Computer Science, Information
Security, or a related field.
Relevant security certifications (e.g., CISSP, OSCP, CEH) are a
plus.
Soft Skills / Personal Characteristics
Outstanding interpersonal and communication skills; ability to
communicate information successfully internally and externally and
to drive multi-functional alignment and action
Excellent people leadership skills - providing direction,
monitoring performance, motivating staff, and building a positive
working environment
#J-18808-Ljbffr
Keywords: Workato Inc, Cupertino , Senior Director, Product Security, Executive , Mountain View, California
Click
here to apply!
|