Product and Application Security Lead
Atlanta, GA | Direct Hire
The Product and Application Security Leader is responsible for leading the program to ensure security is integrated into the company’ s products and all areas of the internal software development processes. Partner with key product development leaders to ensure security is enabled as a feature in all customer-facing product offerings. Lead efforts to improve and expand efforts to build in security at all levels of the software development process. This position reports to the Chief Information Security Officer.
- Drive secure development and integration of security features into all phases of product and software design and development
- Lead design and development of security features to support product innovation
- Advise product teams of new requirements to respond to changes in the payments industry security landscape
- Lead integration of new product and solution acquisitions into enterprise-wide security structures and processes
- Lead programs to ensure continuous development and improvement of security integration (Sec DevOps) into the DevOps process
- Lead development of shared software frameworks to enable consistent application of secure coding best practices across the enterprise
- Build solid working relationships with all stakeholders to maintain and improve product and application security processes
- Contribute to maturing process, policy, and standards guidance
- Strategic leader with collaboration skills to work seamlessly across organizations and functions
- Recent experience working with product development and software development functions within a large enterprise
- Strong understanding of secure development processes and domains, such as SAST, DAST, secure shared library development
- Strong understanding of application software security, including business logic, resilience to attacks, fraud prevention
- Excellent communication skills for interactions with partners, executive leadership and development team
- Strong knowledge of secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response
- 5 - 10 years Technical leadership experience in the software security field
- 5+ years with incorporating cyber security into software development processes and programs.
- 5+ years experience in software development with language proficiency in .Net, Java and Apex.
Bachelor’ s Degree (CIS, CS, IS programs desired)
Professional security or privacy certification desired, demonstrating deep practical knowledge
Understanding of the financial technology, payments, and/or bankcard industry desired