Product Security Architect (Compliance) Remote US

Company: Mandiant
Location: Austin
Posted on: November 19, 2021

Job Description:

Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant's approach helps organizations develop more effective and efficient cyber security programs and instills---confidence in their readiness to defend against and respond to cyber threats.

Job Description

Are you energized by the opportunity to bridge SaaS engineering and pragmatic security practices? Are you passionate about both sharing your technical talents and amplifying others? We are looking for a hands-on, highly collaborative Security Architect to design and champion security best-practices directly adjacent to our Mandiant Engineering organization.

As a part of the DevOps, Delivery, and Platform (DDP) team, Security Engineering supports Application Security, System Architecture, Compliance Enablement, and Secure SDLC practices for Mandiant Product Engineering. In support of Mandiant's broad Security function, Security Engineering embeds within and directly enables product engineering teams to deliver mission-critical, highly secure SaaS capabilities at both speed and scale. We believe effective security begins with providing secure solutions to key engineering requirements and technical partnership via guardrails not roadblocks. Our team securely enables the business by collaborative source code and architecture reviews, turn-key engineering solutions, and streamlining both security testing and compliance-related activities.

What You Will Do:
Foster and evangelize security culture across diverse and fast-paced engineering teams with technical credibility, personal empathy, and service
Develop and support security-focused engineering capabilities, including static application security testing, software supply chain management, and CICD platform tooling
Conduct technical compliance assessments of controls for in-scope systems, including remediation assessments and audit-readiness assessments
Partner with Product teams, advising both on applicable control requirements and potential solutions to address them
Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence
Drive remediation activities with stakeholders, including developing remediation plans, tracking, and reporting remediation progress
Support evidence collection and documentation for internal and external audits
Stay up to date and proactively informed on developing regulatory concerns and evolving compliance controls, in practice and technical solutions

Qualifications

Minimum Requirements:
5+ years of Information Security leadership, with demonstrated experience across multiple domains, e.g., Application, Cloud, Product Security
Software development experience, particularly with SaaS full-stack architecture
Dynamic technical leadership acumen, both cross-functionally and directly supporting highly technical staff
Project management experience, including direct teams and external partners
US Citizenship required due to the nature of the work

Additional Qualifications:
You foster credibility and collaboration with technical stakeholders by mapping security control requirements to practical solutions for various technologies
You are biased to action at speed, comfortable with ambiguity, and able to distill complexity to clarity across varied technical disciplines
You recognize the magic of facilitating people with diverse talents, perspectives, and technical backgrounds in accomplishing great things together

Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $160,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from FireEye's Compensation Committee, and vesting terms

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance.---Subject to eligibility requirements, FireEye also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program.---FireEye also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.
Disclosure as required by sb19-085 (8-5-20)

Keywords: Mandiant, Austin , Product Security Architect (Compliance) Remote US, Professions , Austin, Texas