Product Security Lead
Atlanta, Georgia  


We have a permanent position for "Product Security Lead" with one of our direct clients in Atlanta, Georgia. No third-party candidates will be considered for this position. US citizens and all those authorized to work in the US are encouraged to apply.

Job Description

At our Client, we’re all about connecting people to the things they do and love through our products, services, and technology. It’s our people who make this possible, and we’re always looking for more of the very best to join our team and make it even better.

We’re searching for a Product Security Lead to drive the next evolution in securing Client Communications products. Sounds important, right? This person will provide thought leadership and drive the secure product development lifecycle as part of Client Communication’s broader initiative of a secure product portfolio. You will also support various product development teams to ensure our customers are secure, socialize the program, and provide security consulting that takes into account current information security industry trends and threat landscapes.

If this sounds like an opportunity you want to explore, keep reading - we’ve got all the details you’ll need to take the next steps.

What You’ll Do:

  • Guide, inform, and support the successful release of products while following our product security program and maintaining up-to-date inventory entries, including product lifecycle status, risk profile and remediation validation
  • Bring together product development teams to achieve high cyber security quality of products and provide information to make risk-based decisions
  • Support efforts to secure product lifecycle practices and identify and quantify product and portfolio product security risks
  • Engage with other information security teams to create action plans
  • Provide consultative advice and insights into the maintenance of product security procedures, directives, and technology controls
  • Ensure product development teams practice ‘Secure by Design’ through validation of Client product security requirements in design and architecture, and ensure information security artifacts align with industry standards or regulatory requirements (e.g., PCI-DSS, HIPAA, GDPR, NIST, CMMC, etc.)
  • Participate in industry working groups and provide insights back to product development teams on leading practices and regulations
  • Be the business unit focal point for business-critical customer cybersecurity issues (PSIRT), product security compliance or external security certifications.

 Key Responsibilities:

Leadership:

  • Act as servant-leader to an agile team; removing impediments and ensuring team productivity.
  • Lead by example, demonstrating and upholding Agile values and principles.
  • Protect the team from outside interference, removing impediments, and ensuring that the work is delivered as a team.
  • Organize and facilitate Iteration ceremonies
  • Support the team in delivering stories such that they meet the definition of done.
  • Lead team retrospectives and ensure key learning is incorporated into next sprint.

Coaching:

  • Coach team members to uphold scrum principles.
  • Cultivate an environment of trust, good faith, empowerment and creativity.
  • Facilitate discussions and conflict resolution.

Communication/Tracking

  • Track team delivery through the use of burndown charts and other visual methods.
  • Produce and post sprint plans and otherwise act as an information radiator.
  • Track team velocity to ensure accuracy of future planning.

Collaboration

  • Understand the business priorities and items to be refined in upcoming Iterations.
  • Ensure management is informed if changes occur that impact delivery to the business.
  • Work with team to ensure alignment of priorities and that dependencies are delivered in the appropriate sprints to support delivery commitments.
  • Actively participate in activities related to agile adoption across the organization.

Planning

  • Drive weekly backlog refinement sessions with the team, ensuring work items are estimated and ‘ready-for-work’ per established priorities.
  • Coordinate dependencies with other initiatives
  • Lead Iteration Planning sessions ensuring the commitments made are appropriate and uphold scrum principles.

Required Skills

Who You Are:

As you’ve seen, this job requires someone who is at the top of their game. Because it’s such a critical role, here are a few requirements that will assure you’re on track for this opportunity:

  • 4+ years of experience in product development or product lifecycle management
  • 4+ years of experience with information security controls or security risk management
  • Excellent interpersonal, written, and verbal communications skills; demonstrated ability to communicate highly technical concepts to non-technical audiences and translate business objectives into cybersecurity terms
  • Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change, while multitasking effectively

Qualifications and Skills:

  • Agile Practices – expert understanding of Scrum practices and related agile tools and techniques.  Understanding of Scaled Agile Framework.
  • Software Development – expert understanding of software development and the software development lifecycle.
  • Assertiveness – able to achieve goals of the team by actively driving to resolution of issues, holding team accountable to their actions and commitments
  • Servant-Leader – exhibits the servant-as-leader behaviors of coaching, service to the team, and empowerment of the team to come up with solutions to their problems.
  • Self-motivated – capable of managing multiple priorities with little instruction or oversight.
  • Collaboration – exhibits ability to work with and through others to achieve shared goals.
  • Social – takes an interest in and exhibits social skills to enhance team bonding.
  • Communication skills – maintains frequent and effective communication within and across teams.
  • Flexibility – ability to adapt to frequent changes within the SAFe framework and principles.
  • Organization – ability to organize meetings, reviews, retrospectives and other scrum ceremonies.
  • Facilitation – ability to facilitate meetings, drawing out key concerns and issues to ensure the principle of continuous improvement.
  • Tracking – ability to track team progress and velocity using various methods including charts, graphs, etc.
  • High-energy – shows enthusiasm and displays energy to take on daily issues and bring them to conclusion on behalf of the team.

Minimum Qualifications:

  • Bachelor’s degree in Computer Science (or related field) or equivalent work experience
  • 3+ years working in a software development environment as a Scrum Master.
  • Experience working in an iterative Development environment, utilizing Scrum practices.
  • One or more of the following relevant Agile certifications is required: SSM, CSM, SA, CSP, Scrum.org, DSDM, ICAgile, PMI-ACP

Duties and Responsibilities: (Essential Duties include but are not limited to):

  • Maintain multiple customer environments.
  • Work 40+ hours a week.
  • Update and Manage ticket backlog based on internal policies.
  • Crisis Management - Identify any high priority issues and escalate to next level.
  • Provide a Customer-First experience while utilizing phones and email to manage tickets.
  • Work cohesively with team as well as all divisions of company. Customer-first approach.
  • Effectively engage resources inside and outside of your team to further the troubleshooting and resolution of issues which may include other technical engineers, account teams, or project managers.
  • Deliver solutions that lead to problem resolution or mitigation with a high level of customer satisfaction.
  • Be able to listen to, accept, and follow direction from more senior engineers.
  • Flexibility to be customer facing and travel to customer sites.

Preferred Skills

  • Master’s or Bachelor's degree in Computer Science, Cybersecurity, or related field
  • Experience conducting security product reviews and creating executive level presentations
  • Experience with both automated (e.g., SAST, DAST, SCA, etc.) and manual secure code reviews (Penetration Testing)
  • Understanding of ‘Secure by Design’ principles and secure development frameworks – e.g., BSIMM, SANS, OWASP, etc.
  • Certification related to information security & privacy – e.g., CSSLP, CISSP, etc.
  • Experience releasing products that balance business objectives and technical features while mitigating cyber risk

Join the Client family of businesses and make your mark today!

You'll be part of a high performing team in a fast-paced environment that has the entrepreneurial feel of a start-up where individuals recognize and value the importance of team success. Collaboration and passion are woven into the fabric of everything we do; you’ll be immersed in an environment that nurtures individualism, creative problem-solving, and intellect. You'll be surrounded by people who are smart, passionate about improving healthcare, and believe that world class service is critical to customer success.

This job is located in Herndon, VA. (Work remote at home during COVID-19 pandemic)

 
