Senior Product Security Architect
The Senior Product Security Architect reports to the Global Product Security Architect Manager and will be responsible to provide product security expertise to product development teams throughout all phases of the SDLC; and to provide mentoring and guidance to lower level Product Security Architects.
- Support NPI project product security process activities including threat modeling, final security reviews, threat vulnerability assessment, etc. for all software and firmware development
- Audit key process deliverables related to security for correctness and completeness.
- Drive efforts with the development teams to quantify residual product risk and identification of appropriate security controls.
- Provide product security related coaching/mentoring and security expertise for all software and firmware development teams in
- Help engineering and Product Management teams identify security requirements
- Drive a standardized set of security product requirements into product and service offerings.
- Lead and coordinate cross-functional activities for incident response
YOU MUST HAVE:
- BS Degree and minimum 6+ years’ software development experience or MS Degree and 4+ years minimum software development experience required
- Availability to travel (company sites)
- Excellent cyber security capabilities and strong software engineering skills
- Strong knowledge of secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response
- Understanding of security by design principles and architecture level security concepts
- Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
- Excellent communication and leadership skills
- Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders
- Technical leadership experience in the software security field
- Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP or CISSP
- Experience and knowledge of penetration testing methodologies and tools
- Understanding of Agile software development practices
- Continued Professional Development