Oversees the organization of on-going security testing and code review to improve software security; updates security testing plans to ensure known vulnerabilities will not resurface. Uses a vast understanding of product security principles to design complex, new software solutions to help mitigate security vulnerabilities. Reviews and evaluates designs and project activities for compliance with security standards and guidelines; provides tangible feedback to improve product quality and mitigate risk. Leads internal teams in the adoption of SDL, specifically source code analysis, threat modeling, risk analysis, and writing product security requirements. Anticipates bottlenecks, provides escalation management, makes tradeoffs, and balances the business needs versus technical constraints. Defines and enforces security requirements and guidelines throughout the software development lifecycle to ensure that security is integrated from the beginning. Ensures software products adhere to relevant security regulations, industry standards, and compliance requirements. Utilizes a master level understanding of product security best practices to inform and drive secure coding practices across the organization. Communicates and coordinates with multiple teams on security and operational incidents. Serves as an expert level resource with regard to secure coding practices. Impacts large functions and leads large, cross-division functional teams or projects. Complexity Provides highly innovative solutions to complex problems within established policy. Disclaimer This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management. The pay range for this role is $147,050 to $230,850 USD annually with additional opportunities for pay in the form of bonus and/or equity (applies to United States of America candidates only). Pay varies by work location, job-related knowledge, skills, and experience. Four-year or Graduate Degree in Computer Science, Software Engineering, or any other related discipline or commensurate work experience or demonstrated competence. Typically has 10+ years of work experience, preferably in software security and automation, or a related field. Certified Information Systems Security Professional Systems Security Certified Practitioner Agile Methodology Automation CI/CD Code Review Computer Science Continuous Integration Cyber Security DevOps Github Java (Programming Language) Object-Oriented Programming (OOP) Product Design Python (Programming Language) Secure Coding Security Software Software Development Software Engineering Systems Development Life Cycle Threat Modeling Vulnerability Effective Communication Results Orientation Learning Agility Digital Fluency Customer Centricity