VMware Director of Product Security in Denver, Colorado
The Director of Product Security will continue to drive and advance set the overall product security strategy for Carbon Black, the Security Business Unit of VMware. This position is separate but complementary to VMware’s corporate security function and will focus on driving the continuing evolution of our internal product security program. This individual will work with product management and engineering leadership to ensure that our internal product security program continues to be effective in response to the ever-changing threatscape that VMware Carbon Black faces as we grow.
The qualified candidate will have deep technical knowledge of the security issues that surround both cloud hosted (SaaS) service offerings, hybrid and on-prem software products, and will be able to communicate effectively with product development teams, senior leadership, customers, and corporate security functions.
What y ou and the team you lead will d o
Validate and improve ourSecureSoftwareDevelopment Lifecycle and global regulatory compliance
Evolve and execute product security strategy
Recruit and manage theVMwareCarbon BlackProduct Securityteam and administer its processes
Track to resolution open security and vulnerability items
Define and manage securedesign,coding,testing,deployment, maintenance, and governancepractices, including code analysis and audit
Collaborate with VMware corporate Product Security, aligning and integrating processes and tooling
Manageinternaland third-partypenetration tests
Coordinate and manage lifecycle of reports throughthe Carbon Black bug bounty program
Manage internal and external vulnerability analysis programs
Work as a complement to corporate security operations to define and maintain a cohesive monitoring andresponseprogram for all Carbon Black Cloud Hosted Services
Work alongside Product Management to maintain, execute, and prioritizeaproduct security featurebacklog
Collaborate with Architecture and Engineering teams to ensurethe products are designed, implemented and operated to provide continuity in the face of an attack
Support the GoToMarket organization in responding to security questions as part of the RFP process
Work alongside Carbon Black Threat Analysis Unit to investigate and mitigate potential bypass and exploit techniques
Efficiently and effectively evaluate and communicate product security posture to the Carbon Black Product team, with recommendations and prioritization as required
Manage relationships with the greater external research community in terms of responding to disclosures.
What You'll Bring
The successful candidate will be deeply technical, with a focus on both engineering practices and policy application and also have:
Bachelor's degree in Computer Science, or related Field; Master’s Degree a plus
10-15years experiencein both software engineering and security related field
Certifications:CISSP ,CISM, or related is a plus
Category : Engineering and Technology
Subcategory: Product Dev Management
Experience: Business Leadership
Full Time/ Part Time: Full Time
Posted Date: 2020-07-29
VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at http://careers.vmware.com.
Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.