Lead Security Engineer (Content Hub)

About Us:Sitecore’s mission is to provide cutting-edge DXP solutions that enable the world’s greatest brands to craft truly unforgettable experiences for their customers. A highly decorated industry leader, Sitecore brings content, commerce, and data into one connected platform that delivers millions of digital experiences every day. Thousands of blue-chip companies, including American Express, Porsche, Starbucks, L’Oréal, and Volvo Cars, rely on Sitecore to provide more engaging, personalized customer experiences. Under the leadership of our new product-centric CEO, we are poised to continue to push the boundaries of marketing technology and shape the future of customer engagement. Learn more at Sitecore.com.   About the Role:Sitecore is looking for a Lead Security Engineer with a well-rounded skill set in security development and testing to support the Content Hub Engineering teams. As a Lead Security Engineer, you’ll collaborate closely with the other Security Engineers in Engineering and IT Security Team to define and apply security best practices within the engineering team. What You’ll Do:

• Drive security improvements and lead compliance initiatives within Content Hub Engineering
• Supporting the engineering teams through the software development lifecycle and addressing potential security concerns around product development.
• Occasionally participate in code reviews, share technical knowledge with colleagues, mentor others and provide constructive feedback.
• Collecting and analyzing data from security testing activities, communicating findings to the program and teams, and reporting valid and reliable information about the quality of the product to the engineering leadership

 What You Need to Succeed:

• Proven working experience with Azure cloud provider and its security features.
• Experience with security frameworks such as ISO 27001/27017/27018, SOC 2, HIPAA, NIST, and CIS and strong understanding of security principles, protocols, and technologies.
• Proficiency in security tools and technologies, including firewalls, intrusion detection/prevention systems, and vulnerability scanners. (Static Code Analysis, Third Party Library Scanning, Container Security, Web Penetration Testing, etc.)
• A profound understanding of code best practices and standards for development and testing.
• Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams.

How we hire:Sitecore is proud to be an equal-opportunity workplace. We are committed to equal employment opportunity without unlawful regard to race, color, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability, veteran status or any other local legally protected characteristic.