Product Security Architect
Italy
ChargePoint
ChargePoint is the world’s largest network of electric vehicle (EV) charging stations in North America and Europe. Join the EV revolution for a greener tomorrow.About Us
With electric vehicles expected to be nearly 30% of new vehicle sales by 2025 and more than 50% by 2040, electric mobility is becoming a reality. ChargePoint (NYSE: CHPT) is at the center of this revolution, powering one of the world’s leading EV charging networks and a comprehensive set of hardware, software and mobile solutions for every charging need across North America and Europe. We bring together drivers, businesses, automakers, policymakers, utilities and other stakeholders to make e-mobility a global reality.
Since our founding in 2007, ChargePoint has focused solely on making the transition to electric easy for businesses, fleets and drivers. ChargePoint offers a once-in-a-lifetime opportunity to create an all-electric future and a trillion-dollar market.
At ChargePoint, we foster a positive and productive work environment by committing to live our values of Be Courageous, Charge Together, Love our Customers, Operate with Openness, and Relentlessly Pursue Awesome. These values guide how we show up every day, align, and work together to build a brighter future for all of us.
Join the team that is building the EV charging industry and make your mark on how people and goods will get everywhere they need to go, in any context, for generations to come.
Discover what it’s like to help build the fueling network of the future - check out our Engineering Blog.
What You Will Be Doing
ChargePoint is looking for a Product Security Architect who will help develop our product security strategy, implement tools, architect our product security roadmap, develop process, perform threat assessment and security reviews, and work with different team leaders to implement a security by design culture as part of our product lifecycle. This role will be responsible for providing guidance, advice, oversight, and implementation of controls on product security matters.
As a Product Security architect, you will design security controls and help validate that our services, applications, stations, and emerging technologies are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering, and addressing security issues, designing security automation, and decisively taking action to mitigate emerging threats throughout a full secure development life cycle (SDLC). This role will provide career growth opportunities as you gain new security skills in the course of your work. You have an opportunity to experiment, learn, build tools, and work with teams building new technology and services at massive scale in the EV charging space.
What You Will Bring to ChargePoint
- Experience building relationships with key stakeholders across the business to understand their current and planned product activities (application and embedded)
- Experience developing processes and policies to mitigate key product risks.
- Lead security architecture review, application pen testing and DAST program with end-to-end ownership
- Drive ChargePoint’s bug bounty program
- Help the team fine-tune the WAF product
- Work with the team to deliver PCI deliverables.
- Present key product security metrics and risks to senior leadership.
- Performing security assessments, identifying, and mitigating risks through effective tools, processes, training, and guidance. Managing product risk assessments and remediation plans
- Developing and managing a comprehensive product security training program and promoting security awareness throughout the product team agenda
- Influence decision-makers and stakeholders to achieve a consistently high security bar.
- Experience working with engineering teams to design and implement security controls.
- Support for mentoring, team building and recruiting activities
Requirements
- 8 + years of dedicated working knowledge, and real-world experience of product security best practice across multiple functions and geographies
- Experience working with Security Architecture review (AWS) / threat modelling
- Experience in Application Pentest
- Experience in product testing (WAF, EDR, Endpoint)
- Experience implementing security by design culture.
- Experience with one or more programming languages (such as Java, C++, PHP, others) for the purpose of code review.
- An understanding of networking and communication protocols (such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP, HTTPS, BGP)
- Ability to lead through influence within a secure development life cycle for multiple products and technologies, meeting customer expectations for security
- Demonstrate ability to clearly identify business and regulatory implications of analysis and findings and propose strategic solutions
- Customer and organizational data literacy on processing, usage, management
- Ability to manage multiple stakeholders, understand technology and commercial concepts quickly
- Strong relationship’s skills / ability to communicate effectively both in writing and verbally
- Ability to identify and mitigate product security risks with the ability to understand materiality of risks and prioritize / differentiate response accordingly
- Experience in implementing and managing product security tools (good to have)
- Experience in the automotive or EV charging industry (good to have)
- Experience with embedded / hardware security (good to have)
Location
UK, France, Germany, Spain, Italy
We are committed to an inclusive and diverse team. ChargePoint is an equal opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status.
If there is a match between your experiences/skills and the Company needs, we will contact you directly.
#LI-KD1
ChargePoint is an equal opportunity employer.
Applicants only - Recruiting agencies do not contact.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS C DAST EDR Java Pentesting PHP Product security Risk assessment SDLC Security assessment Security strategy Strategy TCP/IP TLS
Perks/benefits: Career development Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs