Product Security, Manager

As the Manager of Product Security, you will play a crucial role in ensuring the security and integrity of our SAS (Software as a Service) platform. You will lead a team responsible for threat modeling, conducting shift left reviews, and managing vulnerability remediation efforts. Your security expertise best practices, threat assessment, and proactive risk mitigation will be essential in safeguarding our platform and protecting our customers' data.

Key Responsibilities:

Threat Modeling: Collaborate with cross-functional teams to identify potential security threats and vulnerabilities in the SAS platform. Conduct thorough threat modeling exercises to assess risks and prioritize mitigation strategies.

Shift Left Reviews: Implement and oversee shift left security practices to integrate security measures early in the software development lifecycle. Work closely with development teams to conduct code reviews, identify security gaps, and enforce secure coding standards.

Vulnerability Remediation: Lead efforts to identify, prioritize, and remediate security vulnerabilities in the SAS platform. Coordinate with development teams to implement patches, updates, and security fixes in a timely manner.

Security Testing: Develop and execute comprehensive security testing plans, including penetration testing, code scanning, and vulnerability assessments. Analyze test results to identify security weaknesses and recommend remediation actions.

Security Awareness and Training: Foster a culture of security awareness within the organization by providing regular training sessions and educational materials. Keep abreast of the latest security threats, trends, and best practices to continuously enhance the security posture of the SAS platform.

Compliance and Regulatory Requirements: Ensure that the SAS platform complies with relevant security standards, industry regulations, and data protection laws. Stay informed about evolving compliance requirements and drive initiatives to maintain compliance across all aspects of product security.

Incident Response: Develop and maintain incident response plans and protocols to effectively respond to security incidents and breaches. Lead investigations into security incidents, implement remediation actions, and identify lessons learned to strengthen security defenses.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
• Proven experience 8+ years in product security, with a focus on threat modeling, shift left reviews, and vulnerability management.
• Strong understanding of security principles, protocols, and best practices.
• Hands-on experience with security testing tools and techniques, such as penetration testing, code scanning, and vulnerability assessment.
• Excellent communication skills with the ability to effectively collaborate with cross-functional teams and communicate complex security concepts to non-technical stakeholders.
• Experience deploying programs using OWASP Top Ten and MITRE ATT&CK frameworks
• Relevant certifications (e.g., CISSP, CISM, CEH) preferred.
• Experience working in a SaaS environment is needed.

About Sisense:

Sisense stands as a beacon of light in the embedded analytics landscape, recognized globally for pioneering solutions that infuse intelligence into every facet of business. As we continue on our journey and explore the vast opportunities of the API economy, we're positioning ourselves for unprecedented growth.

Our vision is bold and transformative: a future where analytics and insights underpin every decision, every process, and every interaction. Our team, an amalgamation of diverse perspectives and unique skills, is our secret weapon. At Sisense, we foster a culture of innovation, collaboration, and inclusivity, powering our relentless drive to redefine what's possible in the world of analytics.

Join us in this ambitious journey. This position offers more than a job; it's a chance to reshape the industry, redefine the future of analytics, and be a part of a team that's pushing boundaries. Let's shape the future of analytics together.