Product Security Architect
Atlanta, Georgia or San Francisco Bay Area
Incode
Incode offers the world's most advanced identity verification & authentication system. Power a world of trust with simple, secure & fast identity experiences.REIMAGINE TRUST
Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online to power a world of digital trust.
Through our revolutionary identity solutions, we are unleashing the business potential of universal industries including finance, government, retail, hospitality, gaming and more, by reducing fraud and transforming human interactions with data, products, and services.
We’re in the process of rapidly scaling our diverse global team and we’re looking for entrepreneurial individuals and leaders who are curious, driven, and excited by ownership to join a Unicorn-status scale-up!
- Role Title: Product Security Architect
- Direct Report: Head of Special Projects, IT
- Area: Security and Compliance
- Location: US Remote Preferred Location (Atlanta Georgia or San Francisco Bay Area)
REIMAGINE TRUST
Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online to power a world of digital trust.
Through our revolutionary identity solutions, we are unleashing the business potential of universal industries including finance, government, retail, hospitality, gaming and more, by reducing fraud and transforming human interactions with data, products, and services.
We’re in the process of rapidly scaling our diverse global team and we’re looking for entrepreneurial individuals and leaders who are curious, driven, and excited by ownership to join a Unicorn-status scale-up!
Product Security Architect
As the Product Security Architect, you will collaborate closely with skilled security professionals and engineers to improve the security of Incode’s products.
Responsibilities
· Identify, suggest, and implement security improvements to Incode’s current product offering.
· Actively participate in the definition of product requirements to ensure they incorporate security and privacy by design principles.
· Evaluate solution design and beta versions by applying security methodologies and tools to confirm security and privacy requirements are adequately addressed.
· Continuously implement the latest security and privacy industry practices and build supporting documentation and reference architectures for technical and non-technical audiences.
· Drive product security / privacy strategy and roadmap.
· Conduct threat modeling and risk assessments to identify potential security vulnerabilities.
· Collaborate with cross-functional teams to ensure that security is integrated into all aspects of product development and operations.
· Develop and maintain security policies, standards, and procedures
· Learn continuously to maintain and broaden product security architecture expertise
· Monitoring of product and infrastructure alerts, investigation of root causes, documentation of the findings.
· Implement alerts for monitoring access attempts, and changes to configurations that deviate from established baselines.
· Collaborate in the implementation and improvement of continuous integration, testing (including security), delivery, and deployment pipelines.
· Provide responses to security questionnaires, audits, and other security related questions.
· Work closely with Product, DevOps, IT Compliance, and other areas to ensure security and privacy requirements are met in the development of the product and in the deployment of infrastructure that supports the product.
Qualifications:
· 10+ years of experience in software development, architecture or technology consulting.
· 5+ years in a product security architect role
· Experience working in an Agile/Scrum Environment
· In-depth knowledge of mobile application security, including Web applications, iOS and Android platforms.
· In-depth knowledge of API security, microservices and Kubernetes.
· Hands on experience using Code obfuscation, application binary scanning, integrating SDKs into mobile apps.
· Extensive experience with industry privacy and security standards including ISO 27001, NIST 800-53, FedRAMP, GDPR.
· Experience with DevOps and DevSecOps.
· Experience with continuous security practices, including threat modeling, threat and vulnerability management, secure coding practices, and automated penetration testing.
· Experience with mobile application security testing tools and techniques, including code obfuscation, application binary scanning, integrating SDKs into mobile apps.
· Extensive implementation experience with enterprise security solutions, privilege management, identity management and federation systems.
· Experience with continuous integration, continuous deployment, continuous testing as well as experience with tools like AWS CodeDeploy , CodePipeline, CircleCI, Jenkins, GitHub, DockerHub.
Preferred Experience and Certifications:
· Experience as a thought leader to a talented group of engineers
· CISSP, CISA, CISM, IS027001 LA/LI, SANS (or equivalent experience)
· US Citizenship required
8 Aspects of our Culture:
- Values are what we value
- High performance
- Freedom & responsibility
- Context, not control
- Highly aligned, loosely coupled
- Continuous Feedback
- Pay Top of Market
- Promotions & Development
- Learn more about Life at Incode!
Benefits & Perks:
- Meaningful Equity
- Flexible Working Hours & Workplace
- Open Vacation Policy
- Wellness Program
- International Travel Opportunities
- Additional benefit package according to location (401k, medical insurance, etc.)
Equal Opportunities:
Incode is an equal opportunity employer, committed to creating a diverse and inclusive work environment. We take great pride in having an inclusive, diverse, and global team and are always on the lookout for talented, passionate people from all backgrounds and walks of life.
Applicant Data Privacy:
We will only use your personal information in connection with Incode’s application, recruitment, and hiring processes.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Android APIs Application security Audits AWS CircleCI CISA CISM CISSP Compliance DevOps DevSecOps FedRAMP Finance GDPR GitHub iOS ISO 27001 Kubernetes Microservices Monitoring NIST NIST 800-53 Pentesting Privacy Product security Risk assessment SANS Scrum Strategy Vulnerabilities Vulnerability management
Perks/benefits: Career development Equity Flex hours Flex vacation
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs