Senior Principal Product Security Engineer
Remote - CA
Vertex Inc.
Vertex is the leading and most-trusted provider of comprehensive, integrated tax technology solutions, having helped 10,000+ businesses since 1978.Job Description:
Senior Principal Engineer Product Security
The Senior Product Security Engineer plays a key role as a partner defining and implementing Vertex’s Product Security strategy, partnering closely with product development, InfoSec, IT, legal and other organizations to drive critical cyber risk programs from start to finish. You believe in making Product Security easy, through reducing issues up front through Secure-by-Design principles, and continuous management of Product Security risk for Vertex’s products and services.
- You will contribute to Vertex’s Product Security Security-by-Design strategy including implementation and operationalization.
- In this role, you will be responsible for identifying and driving resolution to security issues in a broad range of products
- Collaborate with product architects to develop roadmaps and recommendations to drive enhancements of Product Security architecture, governance, and standards.
- Identify, incorporate, and articulate Product Security best practices such as DevSecOps, zero trust design, and cloud incident response.
- Develop and implement a comprehensive Security-by-Design education program to enable continuous education on Security-by-Design methodologies.
- Recommend and validate Security controls and improvements across our software and infrastructure stack.
- Foster relationships with key internal stakeholders such as Engineering, Legal and InfoSec
- Produce data-based reports on technology risk for senior management.
- Provide technical guidance to product teams working on security and privacy-relevant technologies, and will contribute to the automation of our analysis and testing activities
- Evaluate the security of new products, conduct security and code reviews, and support vulnerability management.
KNOWLEDGE, SKILLS AND ABILITIES:
Minimum qualifications
- 5 years of experience applying security controls to cloud-based technologies.
- 5 years of experience implementing cyber risk practices for Product Security frameworks using CIS Benchmarks, Cloud Security Alliance, OWASP.
- 5 years of experience with cloud governance principles and cloud computing policies.
EDUCATION AND TRAINING:
- Bachelor’s Degree in Computer Science or equivalent.
- Five (Five) plus years of experience in the security domain
- Or equivalent combination of education and/or experience
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Cloud Computer Science DevSecOps Governance Incident response OWASP Privacy Product security Security strategy Strategy Vulnerability management Zero Trust
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.