Principal Security Engineer

Remote - PA

Vertex Inc.

Vertex is the leading and most-trusted provider of comprehensive, integrated tax technology solutions, having helped 10,000+ businesses since 1978.

View all jobs at Vertex Inc.

Apply now Apply later

Job Description:

The Product Security Engineer plays a key role as a partner defining and implementing Vertex’s Product Security strategy, partnering closely with product development, InfoSec, IT, legal and other organizations to drive critical cyber risk programs from start to finish. You believe in making Product Security easy, through reducing issues up front through Secure-by-Design principles, and continuous management of Product Security risk for Vertex’s products and services.

  • You will contribute to Vertex’s Product Security Security-by-Design strategy including implementation and operationalization.
  • In this role, you will be responsible for identifying and driving resolution to security issues in a broad range of products
  • Collaborate with product architects to develop roadmaps and recommendations to drive enhancements of Product Security architecture, governance, and standards.
  • Identify, incorporate, and articulate Product Security best practices such as DevSecOps, zero trust design, and cloud incident response.
  • Develop and implement a comprehensive Security-by-Design education program to enable continuous education on Security-by-Design methodologies.
  • Recommend and validate Security controls and improvements across our software and infrastructure stack.
  • Foster relationships with key internal stakeholders such as Engineering, Legal and InfoSec
  • Produce data-based reports on technology risk for senior management.
  • Provide technical guidance to product teams working on security and privacy-relevant technologies, and will contribute to the automation of our analysis and testing activities
  • Evaluate the security of new products, conduct security and code reviews, and support vulnerability management.

KNOWLEDGE, SKILLS AND ABILITIES:

Minimum qualifications

  • 5 years of experience applying security controls to cloud-based technologies.
  • 5 years of experience implementing cyber risk practices for Product Security frameworks using CIS Benchmarks, Cloud Security Alliance, OWASP.
  • 5 years of experience with cloud governance principles and cloud computing policies.

EDUCATION AND TRAINING:

  • Bachelor’s Degree in Computer Science or equivalent.
  • Five (Five) plus years of experience in the security domain
  • Or equivalent combination of education and/or experience

Other Qualifications

  • The Winning Way behaviors that all Vertex employees need in order to meet the expectations of each other, our customers, and our partners.

    Communicate with Clarity - Be clear, concise and actionable. Be relentlessly constructive. Seek and provide meaningful feedback.

    Act with Urgency - Adopt an agile mentality - frequent iterations, improved speed, resilience. 80/20 rule – better is the enemy of done. Don’t spend hours when minutes are enough.

    Work with Purpose - Exhibit a “We Can” mindset. Results outweigh effort. Everyone understands how their role contributes. Set aside personal objectives for team results.

    Drive to Decision - Cut the swirl with defined deadlines and decision points. Be clear on individual accountability and decision authority. Guided by a commitment to and accountability for customer outcomes.

    Own the Outcome - Defined milestones, commitments and intended results. Assess your work in context, if you’re unsure, ask. Demonstrate unwavering support for decisions.

    COMMENTS:

    The above statements are intended to describe the general nature and level of work being performed by individuals in this position. Other functions may be assigned, and management retains the right to add or change the duties at any time.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: Agile Automation Cloud Computer Science DevSecOps Governance Incident response OWASP Privacy Product security Security strategy Strategy Vulnerability management Zero Trust

Perks/benefits: Career development Flex hours

Regions: Remote/Anywhere North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.