Security Product Manager (Remote)

Apply for this position Please mention DailyRemote when applying
Posted a day ago United States Salary undisclosed
Before you apply - make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Job Description

Job Description

The Manager of Product Security is responsible for working with platform owners and client teams to understand their software platforms and help advise and guide proper secure development, hardening of systems, vulnerability and code scanning management and assistance with SecOps and GSO (Global Security Office) groups. This member should have experience in software development, database development and/or network operations with a desire to expand their career in security.

Key Responsibilities

Learn assigned system platform(s). Collect and keep current all needed essential data of a platform including Data flows, Network Diagrams, Infrastructure, Software platforms, SDLC Processes and other related items.

Collect and understand all needed platform requirements related to Compliance. This will include but not limited to PCI, SOC, NIST ISO 27001, PII, HIPAA (ePHI).

Review and obtain a general knowledge of Privacy laws, how they affect our systems and how we maintain compliance

Assist development teams on how to apply secure coding practices, properly scan and remediate their code using tools such as Veracode.

Assist product team with compliance and audit information, assist during audits, assist in maintaining compliance related material

Assist product team with risk management. With an understanding of the platform, help the product teamwork through questions and understanding of risks and related Risk Acceptance Document requests.

Assist in managing resolution of Risk Acceptance documents (RADs) during the request lifetime.

Assist product and client teams with communicating and understanding security concerns that arise during reviews and scans. This may involve communicating with clients directly.

Build "trusted advisor" relationships with Product and client team members, NetEng, SecOps, VMOps, GSO and other groups as needed to accomplish goals

Understand and implement DevSecOps in product development stream

Assist with security incidents

Minimum Qualifications

5+ years' experience in development, database and/or network operations, or a blend of development/database/network and security.