Staff Product Security Architect

OverviewThe Staff Product Security Architect is responsible for communicating the security requirements for Diligent products. This person understands Cyber Security challenges related to software and cloud architecture and provides guidance to engineering and development teams. Reporting to the Director, Application Security, this person will serve as a strategic security partner to both Product and Engineering leadership. As a key security stakeholder to the Engineering and Product Management organizations, this role’s primary objective is to clearly communicate security requirements for developers, engineers, and product managers and to ensure that Diligent products are architected and deployed in a secure manner.Key ResponsibilitiesProvide Cyber Security subject matter expertise in documenting, implementing, and communicating product security concepts, requirements, and policies to the Engineering and Product Management teams.Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed by various teams and recommend enhancements where needed through threat modelling or security reviews.Collaborate with the Product and Engineering teams to prioritize security features and the remediation of security findings.Perform industry research as necessary to support feature development and program maturity.In collaboration with Risk Management team, perform security reviews, identify gaps in security architecture, and develop a security risk management plan.Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.Create and maintain product related security architecture documentation, standards and guidelines as needed.Required Experience / Skills7+ years in Information Security related positions3+ years of Security Architecture experience2+ years working in Cloud Architecture (AWS/Azure/GCP)Proven experience embedding security into engineering processes and influencing product developmentIn-depth knowledge of modern web application vulnerabilities and approaches to remediationAn analytical mind with excellent problem-solving abilityOutstanding communication and organization skillsEffective use of analogies, visuals, and other techniques to tailor communications to specific audiencesFamiliarity with security frameworks (e.g. NIST Cybersecurity framework) and risk management methodologiesAble to produce advanced reportingBS/BA in Computer Science or a related field or equivalent combination of education and experiencePay Range$115,000—$140,000 CADWhat Diligent Offers YouCreativity is ingrained in our culture. We are innovative collaborators by nature. We thrive in exploring how things can be differently both in our internal processes and to help our clientsWe care about our people. Diligent offers a flexible work environment, global days of service, comprehensive health benefits, meeting free days, generous time off policy and wellness programs to name a fewWe have teams all over the world. We may be headquartered in New York City, but we have office hubs in Washington D.C., Vancouver, London, Galway, Budapest, Munich, Bengaluru, Singapore, and Sydney.Diversity is important to us. Growing, maintaining and promoting a diverse team is a top priority for us. We foster and encourage diversity through our Employee Resource Groups and provide access to resources and education to support the education of our team, facilitate dialogue, and foster understanding.We are a drug free workplace. Diligent is proud to be an equal opportunity employer. We do not discriminate based on race, color, religious creed, sex, national origin, ancestry, citizenship status, pregnancy, childbirth, physical disability, mental disability, age, military status, protected veteran status, marital status, registered domestic partner or civil union status, gender (including sex stereotyping and gender identity or expression), medical condition (including, but not limited to, cancer related or HIV/AIDS related), genetic information, or sexual orientation in accordance with applicable federal, state and local laws. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Diligent's EEO Policy and Know Your Rights. We are committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at recruitment@diligent.com.To all recruitment agencies: Diligent does not accept unsolicited agency resumes. Please do not forward resumes to our jobs alias, Diligent employees or any other organization location. Diligent is not responsible for any fees related to unsolicited resumes. #J-18808-Ljbffr