Director of Software Security
Tasks
- Align software security with enterprise risk management
- Build and scale application security program
- Coordinate audits, assessments, and continuous monitoring
- Define and execute enterprise DevSecOps strategy across teams
- Define secrets management and access controls
- Define secure development policies and standards
- Define secure microservices and API reference architectures
- Drive adoption of secure coding
- Ensure secure API design with zero trust
- Establish security patterns for containers, Kubernetes, and serverless
- Establish shift left security practices across SDLC
- Establish vulnerability remediation and pipeline security KPIs
- Implement CUI handling controls
- Implement Infrastructure as Code security scanning
- Implement artifact signing, provenance, and integrity validation
- Implement responsible disclosure and bug bounty programs
- Influence engineering culture toward security ownership
- Integrate security controls into CI/CD pipelines
- Integrate security into Agile and CI/CD workflows
- Lead SAST, DAST, and SCA tooling adoption
- Lead appsec and devsecops engineering teams
- Lead software security compliance initiatives
- Manage vulnerability lifecycle from discovery to remediation
- Perform threat modeling
- Report security posture to executive leadership
- Secure DevOps pipelines across cloud platforms
- Secure software supply chain with SBOM and dependency scanning
Perks/Benefits
Skills/Tech-stack
800-171 | 800-53 | API Design | API Security | Access Management | Agile | Application Security | Artifact signing | Bug Bounty | CI/CD | CMMC | CUI handling | Cloud Security | Container Security | DAST | DevSecOps | Docker | ISO 27001 | IaC Security | IaC security scanning | Identity and Access Management | Identity and access | Infrastructure as Code | Integrity validation | Kubernetes | Microservices | NIST 800 | NIST 800-171 | NIST 800-53 | Provenance | Regulatory Compliance | Responsible disclosure | Risk Management | SAST | SBOM | SCA | SLSA | Secrets management | Secure API | Secure API Design | Secure Coding | Secure SDLC | Security Scanning | Serverless | Shift Left | Shift-left security | Software Supply Chain | Software supply chain security | Supply chain security | Threat modeling | Vulnerability Management | Zero Trust | “as-code”
Education
N/A