infosec-jobs.com
Staff Security Engineer - Product Security Incident Response Team (PSIRT)
Ireland - Dublin
Guidewire Software
Elevate your P&C insurance with Guidewire's industry-leading software! Streamline workflows, enhance customer experience, and drive growth. Learn more today!Come and join our Guidewire PSIRT (Product Security Incident Response Team) and be a part of a high-powered and high-performing team that regularly works across the entire organization, with everyone from product teams to executives. Urgent escalations from enterprise customers, investigating reported vulnerabilities, performing root cause analysis and working with security researchers
Guidewire PSIRT (Product Security Incident Response Team) is responsible for:
- Guidewire product vulnerability management process for all Guidewire applications.
- Coordination of customer/external product security incidents and reported security issues affecting various Guidewire products and applications.
- Working cross-functionally with all business units, sustaining engineers, product security team members, customer support, legal and external security researchers to ensure timely resolution of security incidents and events.
- Development, maintenance and continuous improvement of the product security incident monitoring, detection and response tools and process, including all required supporting materials.
- Pen testing Guidewire applications to ensure timely discovery of the vulnerabilities.
- Security Review and Code Review of Guidewire applications
We are looking for a new team member who will be responsible to perform following activities (but not limited to)
- Lead and own PSIRT Process - triage security related issues (external / internal), verify those on different versions, products.
- Perform root cause analysis to ensure validity of reported issues.
- Triage code defect based issues, quantitatively evaluate risk and provide guidance to engineering teams regarding the impact of security issues using industry standard metrics such as CVSS.
- Work closely with project management, product management, engineering and sustaining teams to drive issues to closure. ● Cultivate strong working relationships with external researchers, reporting organizations and customers to ensure effective collaboration. Work with customer facing and internal teams to continually improve processes used to identify and fix product security issues
- Enhance existing product security incident response program
- Coordinate with internal product development teams in accomplishing regular security reviews and penetration testing assessments.
- Execute the penetration tests internally to identify security vulnerabilities.
- Perform security-focused code reviews
- Support the preparation of security releases.
- Create security guidance and documentation
- Develop security tooling and automation
- Develop and deliver security training and outreach to internal development teams
- Assist teams in reproducing, triaging, and addressing application security vulnerabilities.
About Guidewire
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 500 insurers in 38 countries, from new ventures to the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of applications that accelerate integration, localization, and innovation.
For more information, please visit www.guidewire.com and follow us on Twitter: @Guidewire_PandC.
Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
CONSENT and ACKNOWLEDGEMENT
By clicking the submitting your application on the following page:
1. You consent to Guidewire collecting, retaining, disclosing and using your Personal Data as outlined above, and to its transfer of your Personal Data outside the country where you live or work, and/or to third parties for the above purposes.
2. In the event that you submit any Sensitive Personal Data, you explicitly consent to Guidewire collecting, retaining, disclosing and transferring your Sensitive Personal Data on the terms and for the same purposes as described above in relation to Personal Data.
3. You acknowledge that you have the right to access your Personal Data and Sensitive Personal Data at any time and have the right to correct any errors.
4. You acknowledge that your Personal Data will be retained for up to 24 months.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Application security Automation C Cloud CVSS Incident response Monitoring Pentesting Product security PSIRT R&D Vulnerabilities Vulnerability management
Perks/benefits: Career development Team events
Region:
Europe
Country:
Ireland
Job stats:
11
2
0
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open SOC-related jobs
- Open GCP-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open Java-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open DevOps-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open DoD-related jobs
- Open IDS-related jobs
- Open SQL-related jobs