Product Security Engineer

Posted:
8/11/2024, 5:00:00 PM

Location(s):
North Carolina, United States ⋅ Raleigh, North Carolina, United States

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security

As the Product Security Engineer, you will play a pivotal role in shaping and maintaining our organization's security posture. You will lead a team of analysts, manage security assurance activities, and engage with customers to address their security and compliance concerns. Your efforts will ensure our compliance with industry standards and regulations, mitigate risks, and foster a culture of security awareness within the organization. You will also be instrumental in educating internal teams and building effective relationships with technical personnel to meet security policy requirements.

Key Responsibilities:

  • Develop and Implement Security Initiatives:
    • Develop and maintain a Security & Trust Risk Register based on the FAIR methodology to report non-compliance with security requirements to executive leadership.
    • Implement secure by design policies to prevent the exfiltration of highly restricted data.
    • Establish a customer audit assurance function to ensure contractual security compliance with healthcare, financial, insurance, and government customers.
    • Align data retention practices with applicable laws and regulations.
  • Lead Global IT Security Assurance Activities:
    • Plan, coordinate, and lead contractually obligated global IT security assurance activities.
    • Investigate and drive alignment to regulations, standards, and frameworks (e.g., ISO 27001, SOC 2, GDPR, FDI, FIRB, EBA) with overall business and security strategies.
  • Build Effective Relationships:
    • Foster strong working relationships with technical personnel to ensure security policy and compliance requirements are met.
    • Report non-compliance and drive remediation efforts.
  • Risk Analysis and Internal Controls:
    • Analyze risks associated with IT processes and assess the effectiveness of internal controls.
  • Provide Security Advice on Legal Contracts:
    • Maintain secure contract negotiations and engage customer security officers.
    • Partner closely with Legal, compliance, security, engineering, product management and other stakeholders to drive both internal and customer facing security and compliance initiatives.
  • Customer Engagement and Education:
    • Lead a team of analysts to respond to security and compliance inquiries from customer-facing teams across the company.
    • Participate in customer meetings to facilitate security, compliance, and due diligence assessments.
    • Provide customers with an authentic look into the company's security practices, addressing their concerns about our security and compliance posture.
    • Educate internal teams about corporate and product-specific security measures.
  • Record Keeping and Trend Analysis:
    • Maintain accurate and complete records of customer information and cybersecurity questions to identify, qualify, report, and track customer protection issues and trends.
    • Contribute to the development of a scalable information/cybersecurity outreach program.

Qualifications:

  • Bachelor's degree in Computer Science, Information Technology, or 3+ years related field experience
  • 2yrs proven experience in a similar security role, with a strong focus on product security assurance and compliance.
  • In-depth knowledge of security standards and frameworks, including ISO 27001, SOC 2, GDPR, FDI, FIRB, and EBA.
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal skills.
  • Ability to build and maintain effective working relationships.
  • Leadership experience and the ability to guide and mentor staff.

Preferred Certifications:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)

About Us:

Citrix and TIBCO recently merged to create Cloud Software Group, now one of the world’s largest cloud solution providers, serving more than 100 million users around the globe. When you join Cloud Software Group, you are making a difference for real people, each of whom count on our suite of cloud-based products to get work done — from anywhere. Members of our team will tell you that we value diverse lived experiences, passion for technology, and the courage to take risks.  Everyone is empowered to learn, dream, and build the future of work. We are on the brink of another Cambrian leap -- a moment of immense evolution and growth. And we need your expertise and experience to do it. Now is the perfect time to move your skills to the cloud.

Cloud Software Group is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination. All qualified applicants will receive consideration for employment without regard to age, race, color, creed, sex or gender, sexual orientation, gender identity, gender expression, ethnicity, national origin, ancestry, citizenship, religion, genetic carrier status, disability, pregnancy, childbirth or related medical conditions (including lactation status), marital status, military service, protected veteran status, political activity or affiliation, taking or requesting statutorily protected leave and other protected classifications.

If you need a reasonable accommodation due to a disability during any part of the application process,  please contact us at (800) 424-8749 or email us at [email protected] for assistance.

Cloud

Website: https://cloud.com/

Headquarter Location: San Francisco, California, United States

Employee Count: 101-250

Year Founded: 2013

IPO Status: Private

Last Funding Type: Series A

Industries: Corporate Training ⋅ DevOps ⋅ EdTech ⋅ Education ⋅ Enterprise Software ⋅ Information Technology ⋅ Internet ⋅ SaaS ⋅ Trading Platform