This role is responsible for overseeing the security aspects of software products throughout the development lifecycle. The role safeguards software products against potential security threats and vulnerabilities. The role collaborates with software development teams, security experts, and stakeholders to integrate security best practices into the software development lifecycle. The role helps ensure that the software products meet stringent security standards and provide a secure user experience.
Responsibilities
- Leads the process of planning, testing, and implementing advanced software security techniques.
- Leads on-going security testing and code review to improve software security; updates security testing plans to ensure known vulnerabilities will not resurface.
- Prepares engineering designs for new software solutions to help mitigate security vulnerabilities.
- Leads internal teams in the adoption of SDL, specifically source code analysis, threat modeling, risk analysis, and writing product security requirements.
- Reviews and evaluates designs and project activities for compliance with security standards and guidelines; provides tangible feedback to improve product quality and mitigate risk.
- Responds to high visibility incidents in collaboration with other product, security, and privacy teams in the organization.
- Partners with engineering leaders across the organization to help them prioritize security issues in their products and balance business goals.
- Works with a diversified group of stakeholders and technical leads to identify, communicate, and mitigate project risks, issues, and dependencies.
- Provides security training and awareness to development teams to promote a security-conscious culture and educate team members about secure coding practices.
- Works with cross-functional teams, including developers, QA engineers, DevOps teams, and stakeholders, to achieve secure software development and deployment.
Education & Experience Recommended
- Four-year or Graduate Degree in Computer Science, Software Engineering, or any other related discipline or commensurate work experience or demonstrated competence.
- Typically has 7-10 years of work experience, preferably in software security and automation, or a related field.
Preferred Certifications
- Certified Information Systems Security Professional
- Systems Security Certified Practitioner
Knowledge & Skills
- Agile Methodology
- Automation
- CI/CD
- Code Review
- Computer Science
- Continuous Integration
- Cyber Security
- DevOps
- Github
- Java (Programming Language)
- Object-Oriented Programming (OOP)
- Product Design
- Python (Programming Language)
- Secure Coding
- Security Software
- Software Development
- Software Engineering
- Systems Development Life Cycle
- Threat Modeling
- Vulnerability
Cross-Org Skills
- Effective Communication
- Results Orientation
- Learning Agility
- Digital Fluency
- Customer Centricity
Impact & Scope
- Impacts function and leads and/or provides expertise to functional project teams and may participate in cross-functional initiatives.
Complexity
- Works on complex problems where analysis of situations or data requires an in-depth evaluation of multiple factors.
Disclaimer
- This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.
The pay range for this role is $130,700 to $205,200 USD annually with additional opportunities for pay in the form of bonus and/or equity (applies to United States of America candidates only). Pay varies by work location, job-related knowledge, skills, and experience.
Benefits:
HP offers a comprehensive benefits package for this position, including:
Health insurance
Dental insurance
Vision insurance
Long term/short term disability insurance
Employee assistance program
Flexible spending account
Life insurance
Generous time off policies, including;
4-12 weeks fully paid parental leave based on tenure
11 paid holidays
Additional flexible paid vacation and sick leave (US benefits overview)
The compensation and benefits information is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.
