Director of Software Security
Tasks
- Align software security with enterprise risk management
- Build and scale application security program
- Coordinate audits, assessments, and continuous monitoring
- Define and execute enterprise DevSecOps strategy across teams
- Define secrets management and access controls
- Define secure development policies and standards
- Define secure microservices and API reference architectures
- Drive adoption of secure coding
- Ensure secure API design with zero trust
- Establish security patterns for containers, Kubernetes, and serverless
- Establish shift left security practices across SDLC
- Establish vulnerability remediation and pipeline security KPIs
- Implement CUI handling controls
- Implement Infrastructure as Code security scanning
- Implement artifact signing, provenance, and integrity validation
- Implement responsible disclosure and bug bounty programs
- Influence engineering culture toward security ownership
- Integrate security controls into CI/CD pipelines
- Integrate security into Agile and CI/CD workflows
- Lead SAST, DAST, and SCA tooling adoption
- Lead appsec and devsecops engineering teams
- Lead software security compliance initiatives
- Manage vulnerability lifecycle from discovery to remediation
- Perform threat modeling
- Report security posture to executive leadership
- Secure DevOps pipelines across cloud platforms
- Secure software supply chain with SBOM and dependency scanning
Perks/Benefits
Skills/Tech-stack
800-171 | 800-53 | API Design | API Security | Access Management | Agile | Application Security | Artifact signing | Bug Bounty | CI/CD | CMMC | CUI handling | Cloud Security | Container Security | DAST | DevSecOps | Docker | ISO 27001 | IaC Security | IaC security scanning | Identity and Access Management | Identity and access | Infrastructure as Code | Integrity validation | Kubernetes | Microservices | NIST 800 | NIST 800-171 | NIST 800-53 | Provenance | Regulatory Compliance | Responsible disclosure | Risk Management | SAST | SBOM | SCA | SLSA | Secrets management | Secure API | Secure API Design | Secure Coding | Secure SDLC | Security Scanning | Serverless | Shift Left | Shift-left security | Software Supply Chain | Software supply chain security | Supply chain security | Threat modeling | Vulnerability Management | Zero Trust | “as-code”
Education
N/A