Senior Software Security Lead

Senior Software Security Lead

• Act as a mentor and resource for the individual security champions that work within the Application Security development team
• Be a single contact point for the security posture of the Application Security Portfolio.
• Identify opportunities and process improvements for our Secure Software Development Lifecycle to the divisional security team.
• Track and respond to critical product security issues.
• Encourage healthy communication between the portfolio and divisional security organizations
• Handle security relationships between the Product Management and Sales organization.
• Provide input and organization of security artifacts and metrics including Threat Modeling and the SDLC measurement.
• Drive the divisional Insider Threat Analysis program.
  • Act as the go to person for questions about Insider Threat Analysis results and tools.
  • Act as a resource for the Fortify development team in enhancing the Insider Threat Analysis capability.

• Bachelor's or Master's degree in Computer Science, Information Systems, or equivalent.
• 5+ years of Software Security Management in Enterprise applications.

• Background in Application Security.
• Experience working with development CSO operations within a large corporate environment.
• Familiarity with developing Threat Models (STRIDE and DREAD methodology preferred)
• Strong leadership skills, including coaching, team building, communications, and conflict resolution.
• Strong analytical and problem-solving skills.
• Technical knowledge and experience in application development and technologies.
• Strong communication skills (e.g. written, verbal, presentation); mastery in English.

• Familiarity with agile development methodologies
• CISSP, CRISC, CSSLP certifications are a plus
• Familiarity with Secure Development Life Cycle methodology.
• Familiarity with Software Assurance Maturity Models like OpenSAMM or BSIMM
• Containers (Docker, Kubernetes)
• Software Dependency Analysis