Product Security Architect / Sr Architect
US - California - Southern - Remote
Full Time Senior-level / Expert USD 152K - 228K
Illumina
Illumina sequencing and array technologies fuel advancements in life science research, translational and consumer genomics, and molecular diagnostics.Position Summary
- This role requires Product Security and software development experience, knowledge, and skills. You'll be responsible for leading pre-market and post-market security initiatives & solutions including Illumina medical instruments and connected software before they are released to customers.
- The Product Security Architect/Sr Architect is a critical role at Illumina in ensuring the manufacturing of our physical medical devices and software solutions development are secure.
- As a valued team member, you will define, identify, evaluate, and maintain controls, providing visibility into the health, and security of our products.
- You will collaborate closely with our engineering, development, and technology groups to define and maintain medical device security and lead the change, ensuring secure posture for Illumina products in Premarket and Postmarket phases of the product.
- The Product Security Architect/Sr Architect is responsible for introducing security controls, processes and testing throughout entire product SDLC, from hardware selection to decommissioning the device. You are highly motivated to integrate security capabilities into continuous release planning and execution for all Illumina products.
Responsibilities
- Drive Secure Design working in close partnership with our Development Teams.
- Deliver security requirements at the system and software levels, partnering with the development team to ensure correct implementation.
- Partner with the Development Teams and deliver threat models on software development projects, identifying and prioritizing cybersecurity requirements.
- Guide, mentor and advise the Verification Team, ensuring that verification of cybersecurity requirements is performed correctly and with full coverage.
- Partner with the Development and Quality teams; drive and deliver Cybersecurity Risk Assessments on projects, ensuring all risks are identified, prioritized and addressed as expected.
- Drive and execute/facilitate all varieties of cybersecurity testing; from penetration testing to vulnerability scans, ensuring along the way that all findings are triaged/root caused/addressed appropriately.
- Work tirelessly on improving the integration of Product Security into SDLC, building trust, expertise, and process efficiencies.
- Drive security initiatives by example, be knowledgeable and passionate, be strong communicator and never miss an opportunity to educate and train partner teams on the topics of Product Security.
Requirements
- Experience in application and product security coupled with a strong depth of understanding and knowledge of relevant technology stacks.
- Expertise in building secure designs for software products or perform penetration testing for software products.
- Ability to understand code and system configurations and being able to recommend modifications to those, to ensure better security posture.
- Very in-depth understanding of software development and the ability to effectively build and communicate security designs, taking in consideration software design context.
- Understanding of three or more security domains (such as for example, platform security, network security, application security, etc.)
- Understanding of OWASP Top 10 Web Application Vulnerabilities.
- Coding experience with two or more programming languages.
- Experience with software security tools such as nMap, Wireshark, Kali Linux, OpenVAS
- Effective communicator delivering key messages to team stakeholders, and business partners using informative clear verbal and written communications.
- Experience with a medical device manufacturer or other relevant regulated industries is preferred.
Education
- Bachelor’s degree in computer science, engineering, or relevant work experience.
- Professional qualifications are preferred such as: CISSP, CISM, CSSLP, or OSCP.
#LI-REMOTE
The estimated base salary range for the Product Security Architect / Sr Architect role based in the United States of America is: $152,600 - $228,800. Should the level or location of the role change during the hiring process, the applicable base pay range may be updated accordingly. Compensation decisions are dependent on several factors including, but not limited to, an individual’s qualifications, location where the role is to be performed, internal equity, and alignment with market data. Additionally, all employees are eligible for one of our variable cash programs (bonus or commission) and eligible roles may receive equity as part of the compensation package. We offer a wide range of benefits as innovative as our work, including access to genomics sequencing, family planning, health/dental/vision, retirement benefits, and paid time off.At Illumina, we strive to foster a diverse and inclusive workplace by cultivating an environment in which everyone contributes to our mission. Built on a strong foundation, Illumina has always been rooted in openness, collaboration, and seeking alternative views and perspectives to propel innovation in genomics. We are proud to confirm a zero-net gap in pay, regardless of gender, ethnicity, or race. We also have several Employee Resource Groups (ERG) that deliver career development experiences, increase cultural awareness, and demonstrate our collective commitment to diversity and inclusion in the communities we live and work. We are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information. If you require accommodation to complete the application or interview process, please contact accommodations@illumina.com. To learn more, visit: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf. The position will be posted until a final candidate is selected or the requisition has a sufficient number of qualified applicants.
Tags: Application security CISM CISSP Compliance Computer Science Kali Linux Network security Nmap OpenVAS OSCP OWASP Pentesting Product security Risk assessment SDLC Vulnerabilities Vulnerability scans
Perks/benefits: Career development Equity Health care Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs