GIS-Technical Program Project Management - Santa Clara, CA

Relevant Experience

(in Yrs)

+ 6-8 Years

Technical/Functional Skills

• Minimum 6 to 8 years of experience in Application and/or product security
• Knowledge of regulatory guidelines and standards such as ISO27001, SEMI Standards, etc.
• A thorough understanding of common application security tools, code libraries and documentation.
• Understanding of threat modeling, security vulnerabilities, attacker exploit techniques, and methods for their remediation.
• Familiarity with the tools for various security activities: Static Code Analysis, DAST Penetration Testing, Intrusion Detection/Prevention, etc.
• Experience in performing source code review
• Working knowledge of one scripting language and or familiarity with at least one software programming language and a framework is a plus
• Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences.
• Certification in any security area is a plus
• Experience working with manufacturing equipment or industrial equipment is a plus
• Experience working in semi-conductor industry is a plus

Experience Required

+ 6-8 Years

Roles & Responsibilities

• Partner with various stake holder groups, to promote and build a culture of security and ensure products are designed and built securely.
• Partner with Product Engineering, Legal, and Information Security teams to ensure security & compliance objectives are identified and tracked to completion.
• Partner with product teams across Applied to identify and implement security requirements into their respective product development activities.
• Creating and driving the project schedule, working with BU security champions, and managing schedule progress; from large phases through to detailed tasks, including understanding and managing dependencies within and across Product Groups
• Work with a global team to help implement and monitor security controls to proactively identify product security issues
• Ability to interpret security tools and penetration testing results to stakeholders and provide advice on vulnerability remediation and risk mitigation
• Should have good understanding of DevSecOps concepts/principles and cloud native services, to enable secure development and deployment of applications in the Cloud
• Work with Information Security and Information Technology teams to build & maintain controls to manage varied risks including application and cyber risks
• Work across teams to develop and define project/program information security metrics & dashboards.