TWO95 International is hiring a
Senior Manager Product Security

Summary

The job is for a Senior Manager Product Security role that is remote and contract-to-hire. The position requires proficiency in various security tools, testing web applications, securing cloud environments, improving DevSecOps, conducting penetration tests, integrating threat modeling, promoting security culture, evolving technology, managing cloud security governance, documenting work, delivering metrics, and has 7-12 years of experience.

Requirements

• High Proficiency in DAST, SAST, and SCA tooling
• Testing and reviewing web applications/services written in Java, C/C++, and mobile languages
• Securing AWS and GCP environments using IaC
• 7-12 years in security-related fields, 1+ years management

Responsibilities

• Engage in and improve DevSecOps automation in a CI/CD pipeline
• Conduct and manage a penetration testing program for both hardware and software platforms
• Integrating threat modeling practices into the product lifecycle
• Actively promote improving the security culture, standards, and education within the engineering organization
• Proactively evolve technology and processes using research on the latest security standard methodologies, trends, threats and vulnerabilities
• Manage AWS and GCP cloud security governance through various tools which implement CIS benchmark scans, WAF policies, and IaC standards control

Benefits

• Skills in documenting work and deliverables in a collaborative and clear manner, keeping them up to date as changes are made
• Producing metrics reporting the state of application security programs and performance of development teams against requirements