Director, Product Security

Description

This position is responsible for defining and implementing Vertex’s product security strategy, partnering closely with product development, IT, legal and other organizations to oversee and drive critical cyber risk programs from start to finish.

You will lead a team of talented and experienced Information Security professionals delivering who will meet or exceed the security needs of Vertex and its customers.

You will be at the forefront of driving a multi-year journey to build and transform our Product Security organization. You believe in making product security easy, through reducing issues up front through secure-by-design principles, and continuous management of product security risk for our products and services.

Minimum qualifications

• 5 years of experience applying security controls to cloud-based technologies.
• 5 years of experience leading an organization to architect, design, implement or operate cloud and IT systems at scale.
• 5 years of experience implementing cyber risk practices for cloud security frameworks using CIS Benchmarks, Cloud Security Alliance, OWASP.
• 5 years of experience with cloud governance principles and cloud computing policies.

Preferred qualifications

• Certification in cloud security (e.g., AWS Cloud Solutions Architect, CCSP, GCSA).
• Certifications in public cloud (e.g., AWS, Azure or GCP).
• Understanding of the components that comprise a successful cloud information security program.
• Ability to document and explain technical details in a clear and concise manner.

Responsibilities

• You will own Vertex’s Product Security strategy including implementation and operationalization.
• In this role, you will be responsible for identifying and driving resolution to security issues in a broad range of products
• Build and develop a team of high-performing security engineers developing solutions focused on Cloud Security.
• Work with product architects to develop roadmaps and recommendations to drive enhancements of product security architecture, governance, and standards.
• Identify, incorporate, and articulate cloud security best practices such as DevSecOps, zero trust design, and cloud incident response.
• Actively partner with our Infrastructure teams on the development and deployment of Vertex products and supporting services.
• Recommend and validate Security controls and improvements across our infrastructure stack.
• Perform security configuration reviews for Vertex’s cloud-based SaaS platform and services.
• Own and build relationships with key external stakeholders such as customers, vendors, and auditors.
• Produce data-based reports on technology risk for senior management.
• You'll provide technical guidance to product teams working on security- and privacy-relevant technologies, and will contribute to the automation of our analysis and testing activities
• Evaluate the security of new products, conduct security and code reviews, and support vulnerability management
29 days ago