Vacancy expired!
Senior Software Security Lead
Job Description:HOME OFFICE based anywhere in the U.S. or CanadaFortify is the industry-leading provider of Application Security solutions that empower organizations to develop secure software. Fortify offers a comprehensive portfolio of application security solutions with the flexibility of testing on-premises and on-demand to cover the entire software development lifecycle. Over 80% of security breaches exploit application vulnerabilities, and at Fortify, you will be at the forefront of one of the fastest growing segments in the security market.We are looking for an experienced Software Security practitioner to be the Security Lead responsible for our internal security posture and processes for our Fortify portfolio of Application Security Products and communicate such to the outside world. A typical day in your life in this role:- Act as a mentor and resource for the individual security champions that work within the Application Security development team
- Be a single contact point for the security posture of the Application Security Portfolio.
- Identify opportunities and process improvements for our Secure Software Development Lifecycle to the divisional security team.
- Track and respond to critical product security issues.
- Encourage healthy communication between the portfolio and divisional security organizations
- Handle security relationships between the Product Management and Sales organization.
- Provide input and organization of security artifacts and metrics including Threat Modeling and the SDLC measurement.
- Drive the divisional Insider Threat Analysis program.
- Act as the go to person for questions about Insider Threat Analysis results and tools.
- Act as a resource for the Fortify development team in enhancing the Insider Threat Analysis capability.
- Bachelor's or Master's degree in Computer Science, Information Systems, or equivalent.
- 5+ years of Software Security Management in Enterprise applications.
- Background in Application Security.
- Experience working with development CSO operations within a large corporate environment.
- Familiarity with developing Threat Models (STRIDE and DREAD methodology preferred)
- Strong leadership skills, including coaching, team building, communications, and conflict resolution.
- Strong analytical and problem-solving skills.
- Technical knowledge and experience in application development and technologies.
- Strong communication skills (e.g. written, verbal, presentation); mastery in English.
- Familiarity with agile development methodologies
- CISSP, CRISC, CSSLP certifications are a plus
- Familiarity with Secure Development Life Cycle methodology.
- Familiarity with Software Assurance Maturity Models like OpenSAMM or BSIMM
- Containers (Docker, Kubernetes)
- Software Dependency Analysis
- ID: #23585525
- State: Georgia Remote 00000 Remote USA
- City: Remote
- Salary: USD TBD TBD
- Job type: Permanent
- Showed: 2021-11-28
- Deadline: 2022-01-26
- Category: Software/QA/DBA/etc