Technical Director - Product Security - DevSecOps

Work from Home, United States

FICO

FICO is an analytics company that is helping businesses make better decisions that drive higher levels of growth, profitability and customer satisfaction.

View all jobs at FICO

Apply now Apply later

FICO (NYSE: FICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential!

The Opportunity 

“As a hands-on Technical Director, you will leverage your expertise with modern CI/CD systems to help establish the secure foundations for a new product development DevOps pipeline. Leading the Product Security’s Engineering Engagement team, you will embed within software development teams to accelerate their focus on addressing security challenges and technical debt. You will collaborate closely with security engineers, architects, and software engineers to identify necessary Security architecture and design requirements. You will define and implement secure-by-default infrastructure and policy-as-code, create onboarding guidance, deploy automated security posture validation, and participate in threat modeling exercises. You will have the opportunity to build a team and provide hands-on technical leadership as you grow the team" - Senior Director, Cyber Security 

What You’ll Contribute 

  • Lead a team of highly proficient technical security architects and security engineers.

  • Collaborate between Cybersecurity, DevOps, and Development teams to achieve alignment between security and business objectives.

  • Construct contextual security requirements for vendor tools and integrated systems.

  • Develop vendor tool secure onboarding guidance for system administrators and users.

  • Design and implement AWS based solutions using Terraform for automated Health Checks for security posture validation.

  • Actively participate in security review and threat modeling exercises to identify risks.

  • Provide technical guidance to development teams on security best practices, security architecture, and security controls.

  • Integrate Application and DevOps processes with CI/CD pipelines of the software development lifecycle.

  • Build CI/CD pipelines with Jenkins MPL and GitHub Actions for Security Artifacts.

  • Leverage orchestration systems including Docker and Kubernetes to deliver security services.

  • Integrate software service tools (Jenkins, jFrog Artifactory) into automation for security services.

  • Evaluate and on-board security tools and/or scanners into the Security DevOps lifecycle for multiple tech stacks.

  • Remediate code and dependency-level security findings in partnership with product development teams.

  • Introduce and enhance Continuous Monitoring (Cloud Architecture, App Performance and Logs) for security services.

  • Evaluate the stability, compatibility, scalability, interoperability, and performance of software products.

  • Contribute feature enhancements to internally developed Cybersecurity tools.

  • Integrate Cybersecurity tools into the Security DevOps pipelines.

  • Drive continuous improvement to both the Security DevOps pipelines, and to the Cybersecurity tools, services, and processes.

  • Create and share practical demonstrations of proposed solutions.

  • Mentor and train other engineers and support knowledge sharing.

  • Drive technical discussions and serve as a source of technical expertise. 

 

What We’re Seeking 

  • Experience Managing and leading a team of Security or Software Engineers.

  • Strong understanding and hands-on experience building CI/CD ecosystems to meet the demands of agile and secure development.

  • Strong knowledge of programming, architecture, CI/CD, and automation.

  • Solid experience with AWS API, EKS, and Terraform.

  • Extensive architectural understanding of cloud security, Kubernetes, cloud-native computing, and microservices.

  • Demonstrated ability to evaluate complex projects and clearly articulate secure design requirements, applying a “security mindset” and best-practices quality-first approach.

  • Direct experience standing up and securely administering instances of ArgoCD, Crossplane, Akuity, Upbound Spaces, and Solo.io strongly preferred.

  • Developer-level experience with Java and Golang strongly preferred.

  • Direct experience standing up and securely administering instances of Artifactory, Backstage, Buf, and MongoDB preferred.

  • Experience in the development of and implementing cyber security initiatives including but not limited to policies, strategic projects, activities resulting from internal or external audits preferred.

  • Experience working within one or more compliance frameworks (PCI 4, SOC 2, ISO 27001) is a plus.

  • Good understanding of cyber security risk methodologies, trends, and threats to sensitive data.

  • Knowledge of Security Tools (DAST, SAST, SCA, IAST, IaC, etc.) is a plus.

  • Experience leading or participating in threat modeling, penetration testing, and security reviews is a plus.

  • Bachelor/Master's degree in computer science or related discipline, or relevant experience in software design, development, testing, and deployment.

  • Professional certifications including: CISSP, CISA, CISM, CCSK, CCSP, CEH, C|CISO or related GIAC is a plus.

Our Offer to You

  • An inclusive culture strongly reflecting our core values:  Act Like an Owner, Delight Our Customers and Earn the Respect of Others.

  • The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.

  • Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.

  • An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.

  • The targeted base pay range for this role is: $151000 to $237000 with this range reflecting differences in candidate knowledge, skills and experience.

#LI-RR1

#LI-remote

Why Make a Move to FICO?

At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today – Big Data analytics.  You’ll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more.


FICO makes a real difference in the way businesses operate worldwide:

•    Credit Scoring — FICO® Scores are used by 90 of the top 100 US lenders.

•    Fraud Detection and Security — 4 billion payment cards globally are protected by FICO fraud systems.

•    Lending — 3/4 of US mortgages are approved using the FICO Score.

Global trends toward digital transformation have created tremendous demand for FICO’s solutions, placing us among the world’s top 100 software companies by revenue. We help many of the world’s largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people – just like you – who thrive on the collaboration and innovation that’s nurtured by a diverse and inclusive environment. We’ll provide the support you need, while ensuring you have the freedom to develop your skills and grow your career.  Join FICO and help change the way business thinks!

Learn more about how you can fulfil your potential at www.fico.com/Careers

FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and we’re proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they don’t meet all stated qualifications. While our qualifications are clearly related to role success, each candidate’s profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply.

Information submitted with your application is subject to the FICO Privacy policy at https://www.fico.com/en/privacy-policy

Apply now Apply later
Job stats:  4  0  1

Tags: Agile Analytics APIs Artificial Intelligence Audits Automation AWS Big Data C CCSK CCSP CEH CI/CD CISA CISM CISO CISSP Cloud Compliance Computer Science DAST Data Analytics DevOps DevSecOps Docker GIAC GitHub Golang IAST ISO 27001 Java Jenkins Kubernetes Machine Learning Microservices MongoDB Monitoring Pentesting Privacy Product security SAST SDLC SOC SOC 2 Terraform

Perks/benefits: Career development Competitive pay Health care Team events

Regions: Remote/Anywhere North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.