Director, Product Security Palo Alto, California
Company: Tbwa Chiat/Day Inc
Location: Mountain View
Posted on: November 1, 2024
|
|
Job Description:
Workato is the only integration and automation platform that is
as simple as it is powerful - and because it's built to power the
largest enterprises, it is quite powerful. Simultaneously, it's a
low-code/no-code platform. This empowers any user (dev/non-dev) to
painlessly automate workflows across any apps and databases. We're
proud to be named a leader by both Forrester and Gartner and
trusted by 7,000+ of the world's top brands such as Box , Grab ,
Slack , and more. But what is most exciting is that this is only
the beginning. Ultimately, Workato believes in fostering a
flexible, trust-oriented culture that empowers everyone to take
full ownership of their roles . We are driven by innovation and
looking for team players who want to actively build our company.
But, we also believe in balancing productivity with self-care .
That's why we offer all of our employees a vibrant and dynamic work
environment along with a multitude of benefits they can enjoy
inside and outside of their work lives. If this sounds right up
your alley, please submit an application. We look forward to
getting to know you! Forbes' Cloud 100 recognized us as one of the
top 100 private cloud companies in the world Deloitte Tech Fast 500
ranked us as the 17th fastest growing tech company in the Bay Area,
and 96th in North America Quartz ranked us the #1 best company for
remote workers ResponsibilitiesWorkato is looking for an
exceptional security manager to establish and lead a global
security team responsible for Workato's product and infrastructure
security.The Manager of Product Security is a hands-on leader
responsible for leading the product security efforts across our
entire product line. This role requires a unique blend of
real-world experience and theoretical knowledge in various aspects
of software security, including but not limited to application
security, cloud security, secure coding practices, and security
architecture. The ideal candidate will have a proven track record
of hands-on security work and the ability to lead a team of
security professionals. In this role, y ou will also be responsible
to: Lead the company's development and implementation of a
comprehensive product security strategy.As a hands-on leader,
manage and mentor a team of security engineers and analysts,
providing guidance and direction for their professional
growth.Identify, develop, implement, and maintain security programs
and processes across product development and production
environments.Define strategic direction, set objectives, and
structure and resource the organization and the work in a way that
improves the team's impact and provides a paved path to a
leadership position among SaaS providers, including application
security, infrastructure security, and data security.Oversee
critical cybersecurity areas, including incident response, disaster
recovery, awareness, monitoring, remediation, information
governance, and digital security.Lead all product security
operations that protect against immediate threats and respond when
something goes wrong.Grow the product security programs and
capabilities to an industry-leading position, finding opportunities
to improve our existing approach and helping to guide the team to
unlock that potential.Build strong relationships within the
product, engineering and operations teams to implement the
appropriate security controls to protect Workato's applications,
infrastructure, and data.Communicate effectively with stakeholders
at all levels about the security posture of products and the
importance of product security.Develop and oversee the development
and enforcement of security policies and procedures based on
industry-standard best practices.Partner closely with executive
leadership to ensure that all applications and platforms are
developed with security in mind and that appropriate security
controls have been implemented while driving continuous investment
into the cybersecurity areas.Utilize business-relevant metrics to
measure the efficiency and effectiveness of the program, facilitate
appropriate resource allocation and increase the security program's
maturity.Work closely with internal stakeholders and business units
to keep abreast of planned changes to technologies, working
practices, and business activities that could impact the
organization's Information Security or risk profile.Support
continued compliance with SOC2, HIPAA and other currently required
standards and act as Product and Engineering technical lead within
product security to expand certifications to include PCI,
NIST800-171, ISO27001/277001, and FedRAMP. Ensure operation of
related controls. Coordinate the provision of required evidence for
audit.Lead incident response activities and post-mortem analysis
for any security breaches or incidents, liaising with the Legal,
Security and Privacy teams on data protection, ensuring root causes
of such breaches are understood and addressed.Conduct hands-on
security assessments, code reviews, and penetration testing to
identify product vulnerabilities and security gaps as
needed.Leverage Workato as an automation solution for SOAR, GRC and
other security-related use casesRequirementsQualifications /
Experience / Technical SkillsMinimum of 7 years of experience in
product security, application security, or a related field.Hands-on
experience designing and deploying security controls across all
security domains, such as access management, data protection,
vulnerability management, incident response and management,
application security, network security, preventive, detective, and
offensive security solutions.Deep understanding of security
principles, techniques, and technologies such as OWASP Top 10, SANS
Top 25, encryption, identity and access management, network
security, and cloud security.Familiarity with compliance frameworks
and standards such as ISO 27001, SOC 2, GDPR, and CCPA.An
understanding of Application Security threats and
countermeasuresPractical knowledge of security technologies,
especially those applying to SaaS Web applications and wider
business solutions, including Firewalls, IDS/IPS, Identity and
access management, SIEM, Data Loss Protection, BCP, and Cloud
SecurityAbility to provide strategic product security mentorship
based on experience performing threat modeling and design reviews
to assess security implications and requirementsBachelor's or
Master's degree in Computer Science, Information Security, or a
related field.Relevant security certifications (e.g., CISSP, OSCP,
CEH) are a plus.Soft Skills / Personal CharacteristicsOutstanding
interpersonal and communication skills; ability to communicate
information successfully internally and externally and to drive
multi-functional alignment and actionExcellent people leadership
skills - providing direction, monitoring performance, motivating
staff, and building a positive working environmentFor California
applicants, the pay for this role begins at $215,000 plus benefits,
perks, and equity.Apply for this job*indicates a required field
First Name * Last Name * Email * Phone * Resume/CV * Enter manually
Accepted file types: pdf, doc, docx, txt, rtf Enter manually
Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile *
Where are you currently located? * Are you authorized to work in
the United States for any employer? * Will you now or in the future
require visa sponsorship? * What is your expected compensation
(annual base salary)? * Why do you think you will be successful in
this role? * Voluntary Self-IdentificationFor government reporting
purposes, we ask candidates to respond to the below
self-identification survey.Completion of the form is entirely
voluntary. Whatever your decision, it will not be considered in the
hiringprocess or thereafter. Any information that you do provide
will be recorded and maintained in aconfidential file.As set forth
in Workato's Equal Employment Opportunity policy,we do not
discriminate on the basis of any protected group status under any
applicable law.If you believe you belong to any of the categories
of protected veterans listed below, please indicate by making the
appropriate selection.As a government contractor subject to the
Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we
request this information in order to measurethe effectiveness of
the outreach and positive recruitment efforts we undertake pursuant
to VEVRAA. Classification of protected categoriesis as follows:A
"disabled veteran" is one of the following: a veteran of the U.S.
military, ground, naval or air service who is entitled to
compensation (or who but for the receipt of military retired pay
would be entitled to compensation) under laws administered by the
Secretary of Veterans Affairs; or a person who was discharged or
released from active duty because of a service-connected
disability.A "recently separated veteran" means any veteran during
the three-year period beginning on the date of such veteran's
discharge or release from active duty in the U.S. military, ground,
naval, or air service.An "active duty wartime or campaign badge
veteran" means a veteran who served on active duty in the U.S.
military, ground, naval or air service during a war, or in a
campaign or expedition for which a campaign badge has been
authorized under the laws administered by the Department of
Defense.An "Armed forces service medal veteran" means a veteran
who, while serving on active duty in the U.S. military, ground,
naval or air service, participated in a United States military
operation for which an Armed Forces service medal was awarded
pursuant to Executive Order 12985. Select... Voluntary
Self-Identification of Disability Form CC-305 Page 1 of 1 OMB
Control Number 1250-0005 Expires 04/30/2026 Voluntary
Self-Identification of Disability Form CC-305 Page 1 of 1 OMB
Control Number 1250-0005 Expires 04/30/2026
Why are you being asked to complete this form?We are a federal
contractor or subcontractor. The law requires us to provide equal
employment opportunity to qualified people with disabilities. We
have a goal of having at least 7% of our workers as people with
disabilities. The law says we must measure our progress towards
this goal. To do this, we must ask applicants and employees if they
have a disability or have ever had one. People can become disabled,
so we need to ask this question at least every five
years.Completing this form is voluntary, and we hope that you will
choose to do so. Your answer is confidential. No one who makes
hiring decisions will see it. Your decision to complete the form
and your answer will not harm you in any way. If you want to learn
more about the law or this form, visit the U.S. Department of
Labor's Office of Federal Contract Compliance Programs (OFCCP)
website at www.dol.gov/ofccp .How do you know if you have a
disability?A disability is a condition that substantially limits
one or more of your "major life activities." If you have or have
ever had such a condition, you are a person with a disability.
Disabilities include, but are not limited to:
#J-18808-Ljbffr
Keywords: Tbwa Chiat/Day Inc, Fremont , Director, Product Security Palo Alto, California, Executive , Mountain View, California
Click
here to apply!
|