Product Security Architect

Atlanta, Georgia or San Francisco Bay Area

Applications have closed

Incode

Incode offers the world's most advanced identity verification & authentication system. Power a world of trust with simple, secure & fast identity experiences.

View company page

REIMAGINE TRUST

Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online to power a world of digital trust.

Through our revolutionary identity solutions, we are unleashing the business potential of universal industries including finance, government, retail, hospitality, gaming and more, by reducing fraud and transforming human interactions with data, products, and services.

We’re in the process of rapidly scaling our diverse global team and we’re looking for entrepreneurial individuals and leaders who are curious, driven, and excited by ownership to join a Unicorn-status scale-up!

  • Role Title: Product Security Architect
  • Direct Report: Head of Special Projects, IT 
  • Area: Security and Compliance
  • Location: US Remote Preferred Location (Atlanta Georgia or San Francisco Bay Area)

REIMAGINE TRUST

Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online to power a world of digital trust.

Through our revolutionary identity solutions, we are unleashing the business potential of universal industries including finance, government, retail, hospitality, gaming and more, by reducing fraud and transforming human interactions with data, products, and services.

We’re in the process of rapidly scaling our diverse global team and we’re looking for entrepreneurial individuals and leaders who are curious, driven, and excited by ownership to join a Unicorn-status scale-up!

Product Security Architect

As the Product Security Architect, you will collaborate closely with skilled security professionals and engineers to improve the security of Incode’s products.

Responsibilities

· Identify, suggest, and implement security improvements to Incode’s current product offering.

· Actively participate in the definition of product requirements to ensure they incorporate security and privacy by design principles.

· Evaluate solution design and beta versions by applying security methodologies and tools to confirm security and privacy requirements are adequately addressed.

· Continuously implement the latest security and privacy industry practices and build supporting documentation and reference architectures for technical and non-technical audiences.

· Drive product security / privacy strategy and roadmap.

· Conduct threat modeling and risk assessments to identify potential security vulnerabilities.

· Collaborate with cross-functional teams to ensure that security is integrated into all aspects of product development and operations.

· Develop and maintain security policies, standards, and procedures

· Learn continuously to maintain and broaden product security architecture expertise

· Monitoring of product and infrastructure alerts, investigation of root causes, documentation of the findings.

· Implement alerts for monitoring access attempts, and changes to configurations that deviate from established baselines.

· Collaborate in the implementation and improvement of continuous integration, testing (including security), delivery, and deployment pipelines.

· Provide responses to security questionnaires, audits, and other security related questions.

· Work closely with Product, DevOps, IT Compliance, and other areas to ensure security and privacy requirements are met in the development of the product and in the deployment of infrastructure that supports the product.

Qualifications:

· 10+ years of experience in software development, architecture or technology consulting.

· 5+ years in a product security architect role

· Experience working in an Agile/Scrum Environment

· In-depth knowledge of mobile application security, including Web applications, iOS and Android platforms.

· In-depth knowledge of API security, microservices and Kubernetes.

· Hands on experience using Code obfuscation, application binary scanning, integrating SDKs into mobile apps.

· Extensive experience with industry privacy and security standards including ISO 27001, NIST 800-53, FedRAMP, GDPR.

· Experience with DevOps and DevSecOps.

· Experience with continuous security practices, including threat modeling, threat and vulnerability management, secure coding practices, and automated penetration testing.

· Experience with mobile application security testing tools and techniques, including code obfuscation, application binary scanning, integrating SDKs into mobile apps.

· Extensive implementation experience with enterprise security solutions, privilege management, identity management and federation systems.

· Experience with continuous integration, continuous deployment, continuous testing as well as experience with tools like AWS CodeDeploy , CodePipeline, CircleCI, Jenkins, GitHub, DockerHub.

Preferred Experience and Certifications:

· Experience as a thought leader to a talented group of engineers

· CISSP, CISA, CISM, IS027001 LA/LI, SANS (or equivalent experience)

· US Citizenship required

8 Aspects of our Culture:

  • Values are what we value
  • High performance
  • Freedom & responsibility
  • Context, not control
  • Highly aligned, loosely coupled
  • Continuous Feedback
  • Pay Top of Market
  • Promotions & Development
  • Learn more about Life at Incode!

Benefits & Perks:

  • Meaningful Equity
  • Flexible Working Hours & Workplace
  • Open Vacation Policy
  • Wellness Program
  • International Travel Opportunities
  • Additional benefit package according to location (401k, medical insurance, etc.)

 

 

Equal Opportunities:

Incode is an equal opportunity employer, committed to creating a diverse and inclusive work environment. We take great pride in having an inclusive, diverse, and global team and are always on the lookout for talented, passionate people from all backgrounds and walks of life.

Applicant Data Privacy:

We will only use your personal information in connection with Incode’s application, recruitment, and hiring processes.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile Android APIs Application security Audits AWS CircleCI CISA CISM CISSP Compliance DevOps DevSecOps FedRAMP Finance GDPR GitHub iOS ISO 27001 Kubernetes Microservices Monitoring NIST NIST 800-53 Pentesting Privacy Product security Risk assessment SANS Scrum Strategy Vulnerabilities Vulnerability management

Perks/benefits: Career development Equity Flex hours Flex vacation

Region: North America
Country: United States
Job stats:  3  0  0
Category: Architecture Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.