|
Manager, Product Security - Boston Massachusetts
Company: DataRobot, Inc. Location: Boston, Massachusetts
Posted On: 10/18/2024
Manager, Product SecurityDataRobot is the leader in Value-Driven AI, a unique and collaborative approach to generative and predictive AI that combines an open platform, deep expertise and broad use-case experience to improve how organizations run, grow and optimize their business. The DataRobot AI Platform is the only complete AI lifecycle platform that interoperates with an organization's existing investments in data, applications and business processes, and can be deployed on prem or on any cloud environment. Global organizations, including 40% of the Fortune 50, rely on DataRobot to drive greater impact and value from AI.DataRobot is seeking to hire an experienced security manager with an analytical mind and a detailed understanding of cybersecurity methodologies. The Product Security manager is expected to have meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure, and deliver on tight deadlines. The ideal candidate will have a strong understanding of application security, container security, secure software development and modern security approaches.Key Responsibilities: - Mentor and lead a team of engineers through regular feedback, sprint planning, and managing team roadmap.
- Serve as a security SME, providing guidance and training to internal teams and stakeholders on security best practices and standards.
- Architect, develop and manage security tooling and automation designed to protect the organization's data and infrastructure.
- Collaborate with external security researchers, bug bounty programs, and third-party vendors to identify and triage vulnerabilities.
- Work with cross-functional teams to threat model and design secure software systems.
- Conduct threat modeling, security table tops, and risk assessments to help prioritize security risks based on potential impact on the organization.
- Communicate with customers and partners as relates to security aspects of our offerings.
- Communicate with company leaders regarding the state of our application security, security processes and requirements, and related efforts.
- Serve as a champion for application security in the company.Knowledge, Skills, and Abilities:
- Strong application security background of secure coding practices and common vulnerabilities (OWASP Top 10) and experience with secure development frameworks.
- Experience writing code using Python and/or Golang, with the ability to perform secure code reviews in these languages.
- Strong understanding of containerization technologies and experience securing them (e.g. Kubernetes, AKS, EKS).
- Experience with common security tooling and processes, including incident response, penetration testing, vulnerability scanning, and code analysis.
- Familiarity with common regulatory compliance requirements (e.g., ISO-27001, SOC2, HIPAA, GDPR) and experience implementing security controls to meet these requirements.
- Bachelor's or Master's degree in Computer Science or a related field.
- 10+ years experience in product security roles, preferably at multi-tenant SaaS companies.
- 2+ years experience leading a team of engineers.
- In-depth knowledge of web application security, container security, software security, and other relevant security domains.Preferred Experience:
- Experience securing cloud-based applications and infrastructure across AWS, Azure, and GCP.
- Experience and passion for managing services and tools using Infrastructure as Code (IaC) with Terraform.The talent and dedication of our employees are at the core of DataRobot's journey to be an iconic company. We strive to attract and retain the best talent by providing competitive pay and benefits with our employees' well-being at the core.DataRobot Operating Principles:
|
|