Be an early applicantLess than 25 applicants

Company

FICO · 6 hours ago

Technical Director - Product Security - DevSecOps

United States

Full-time

Remote

Director/Executive

$151K/yr - $237K/yr

Maximize your interview chances

AnalyticsBig Data

H1B Sponsor Likely

Hiring Manager

Reena Ramesh

Insider Connection @FICO

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Lead a team of highly proficient technical security architects and security engineers.

Collaborate between Cybersecurity, DevOps, and Development teams to achieve alignment between security and business objectives.

Construct contextual security requirements for vendor tools and integrated systems.

Develop vendor tool secure onboarding guidance for system administrators and users.

Design and implement AWS based solutions using Terraform for automated Health Checks for security posture validation.

Actively participate in security review and threat modeling exercises to identify risks.

Provide technical guidance to development teams on security best practices, security architecture, and security controls.

Integrate Application and DevOps processes with CI/CD pipelines of the software development lifecycle.

Build CI/CD pipelines with Jenkins MPL and GitHub Actions for Security Artifacts.

Leverage orchestration systems including Docker and Kubernetes to deliver security services.

Integrate software service tools (Jenkins, jFrog Artifactory) into automation for security services.

Evaluate and on-board security tools and/or scanners into the Security DevOps lifecycle for multiple tech stacks.

Remediate code and dependency-level security findings in partnership with product development teams.

Introduce and enhance Continuous Monitoring (Cloud Architecture, App Performance and Logs) for security services.

Evaluate the stability, compatibility, scalability, interoperability, and performance of software products.

Contribute feature enhancements to internally developed Cybersecurity tools.

Integrate Cybersecurity tools into the Security DevOps pipelines.

Drive continuous improvement to both the Security DevOps pipelines, and to the Cybersecurity tools, services, and processes.

Create and share practical demonstrations of proposed solutions.

Mentor and train other engineers and support knowledge sharing.

Drive technical discussions and serve as a source of technical expertise.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

CI/CD SystemsAWSTerraformSecurity ArchitectureKubernetesDockerJavaGolangSecurity ToolsThreat ModelingCybersecurity InitiativesCompliance FrameworksCISSPCISACISMCCSPCEHCCISOGIACSoft Skills

Required

Experience Managing and leading a team of Security or Software Engineers.

Strong understanding and hands-on experience building CI/CD ecosystems to meet the demands of agile and secure development.

Strong knowledge of programming, architecture, CI/CD, and automation.

Solid experience with AWS API, EKS, and Terraform.

Extensive architectural understanding of cloud security, Kubernetes, cloud-native computing, and microservices.

Demonstrated ability to evaluate complex projects and clearly articulate secure design requirements, applying a 'security mindset' and best-practices quality-first approach.

Bachelor/Master's degree in computer science or related discipline, or relevant experience in software design, development, testing, and deployment.

Preferred

Direct experience standing up and securely administering instances of ArgoCD, Crossplane, Akuity, Upbound Spaces, and Solo.io strongly preferred.

Developer-level experience with Java and Golang strongly preferred.

Direct experience standing up and securely administering instances of Artifactory, Backstage, Buf, and MongoDB preferred.

Experience in the development of and implementing cyber security initiatives including but not limited to policies, strategic projects, activities resulting from internal or external audits preferred.

Experience working within one or more compliance frameworks (PCI 4, SOC 2, ISO 27001) is a plus.

Good understanding of cyber security risk methodologies, trends, and threats to sensitive data.

Knowledge of Security Tools (DAST, SAST, SCA, IAST, IaC, etc.) is a plus.

Experience leading or participating in threat modeling, penetration testing, and security reviews is a plus.

Professional certifications including: CISSP, CISA, CISM, CCSK, CCSP, CEH, C|CISO or related GIAC is a plus.

Benefits

Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.

An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.

Company

FICO

Glassdoor

4.0

Fair Isaac Corporation enables businesses to automate, improve, and connect decisions to enhance business performance. It is a sub-organization of FICO.

Founded in 1956

San Jose, California, USA

1,001-5,000 employees

http://www.fico.com

H1B Sponsorship

FICO has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (14)

2022 (25)

2021 (42)

2020 (41)