Senior Director, Product Security
The Sr. Director of Product Security will set the overall security strategy for the Carbon Black product lines. This position is separate but complementary to the corporate CISO, and will focus on driving the next evolution of our internal product security program. This will include working with the product management and engineering teams to ensure that our internal product security program continues to be effective in the face of the ever-changing threats that Carbon Black faces as our business grows. This includes validating and improving our product Secure Development Lifecycle, global regulatory compliance, administering our Product Security Incident Response Team processes, as well as managing relationships with the greater external research community in terms of responding to disclosures. The qualified candidate will have deep technical knowledge of the security issues which surround both cloud hosted (SaaS) service offerings and on-prem software products, and be able to communicate effectively with the product development teams, customers, and corporate CISO functions.
What You'll Do
- Evolve and execute product security strategy
- Recruit and manage the Carbon Black Security Response Center team
- Track to resolution open security and vulnerability items
- Define and manage secure coding practices, including code analysis and audit
- Manage external and internal penetration tests
- Manage the Carbon Black bug bounty program
- Manage internal and external vulnerability analysis programs
- Work as a complement to corporate security operations to define and maintain a cohesive monitoring and response program for all Carbon Black Cloud Hosted Services
- Work alongside Product Management to maintain, execute, and prioritize a product security feature backlog
- Ensure product continuity in the face of an attack
- Work alongside Carbon Black Threat Analysis Unit to investigate and mitigate potential bypass and exploit techniques
- Efficiently and effectively evaluate and communicate product security posture to the Carbon Black Product team, with recommendations and prioritization as required
What You'll Bring
The successful candidate will be deeply technical, with a focus more on engineering practices than policy application and also have:
- Bachelor's degree in Computer Science, or related Field; Master’s Degree a plus
- 10-15 years experience in both software engineering and security related field
- Certifications: CISSP , CISM, or related is a plus
Why you should join us
Carbon Black is a leading provider of next-generation endpoint security, leveraging breakthrough prevention technology to instantly see and stop cyberattacks before they execute. With more than 14 million endpoints under management, and more than 4,600 customers—including one-third of the Fortune 100—the opportunities are massive and exciting. With 1,200+ employees, offices across the world, and the best-of-the-best tools for collaboration from anywhere, now is an ideal time to become part of the Cb Team. See where you fit best at Lifeatcb.carbonblack.com.
Carbon Black, Inc. is an EEO/AA employer. Carbon Black is an inclusive employer that believes in workplace equality, supports diversity, creates a welcoming environment, and respects the unique qualities each individual brings to the company.