Manager of Product Security

Sisense

Product
New York, NY, USA · Remote
Posted on May 23, 2024

As the Manager of Product Security, you will play a crucial role in ensuring the security and integrity of our SaaS (Software as a Service) platform. You will lead a team responsible for threat modeling, conducting shift left reviews, and managing vulnerability remediation efforts. Your expertise in security best practices, threat assessment, and proactive risk mitigation will be essential in safeguarding our platform and protecting our customers' data.

Key Responsibilities:

  • Threat Modeling: Collaborate with cross-functional teams to identify potential security threats and vulnerabilities in the SaaS platform. Conduct thorough threat modeling exercises to assess risks and prioritize mitigation strategies.
  • Shift Left Reviews: Implement and oversee shift left security practices to integrate security measures early in the software development lifecycle. Work closely with development teams to conduct code reviews, identify security gaps, and enforce secure coding standards.
  • Vulnerability Remediation: Lead efforts to identify, prioritize, and remediate security vulnerabilities in the SaaS platform. Coordinate with development teams to implement patches, updates, and security fixes in a timely manner.
  • Security Testing: Develop and execute comprehensive security testing plans, including penetration testing, code scanning, and vulnerability assessments. Analyze test results to identify security weaknesses and recommend remediation actions.
  • Security Awareness and Training: Foster a culture of security awareness within the organization by providing regular training sessions and educational materials. Keep abreast of the latest security threats, trends, and best practices to continuously enhance the security posture of the SaaS platform.
  • Compliance and Regulatory Requirements: Ensure that the SaaS platform complies with relevant security standards, industry regulations, and data protection laws. Stay informed about evolving compliance requirements and drive initiatives to maintain compliance across all aspects of product security.
  • Incident Response: Develop and maintain incident response plans and protocols to effectively respond to security incidents and breaches. Lead investigations into security incidents, implement remediation actions, and identify lessons learned to strengthen security defenses.

Qualifications:

  • Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
  • Proven experience (8+ years) in product security, with a focus on threat modeling, shift left reviews, and vulnerability management.
  • Strong understanding of security principles, protocols, and best practices.
  • Hands-on experience with security testing tools and techniques, such as penetration testing, code scanning, and vulnerability assessment.
  • Excellent communication skills with the ability to effectively collaborate with cross-functional teams and communicate complex security concepts to non-technical stakeholders.
  • Experience deploying programs using OWASP Top Ten and MITRE ATT&CK frameworks.
  • Relevant certifications (e.g., CISSP, CISM, CEH) preferred.
  • Experience working in a SaaS environment is needed.

About Sisense:

Sisense stands as a beacon of light in the embedded analytics landscape, recognized globally for pioneering solutions that infuse intelligence into every facet of business. As we continue on our journey and explore the vast opportunities of the API economy, we're positioning ourselves for unprecedented growth.

Our vision is bold and transformative: a future where analytics and insights underpin every decision, every process, and every interaction. Our team, an amalgamation of diverse perspectives and unique skills, is our secret weapon. At Sisense, we foster a culture of innovation, collaboration, and inclusivity, powering our relentless drive to redefine what's possible in the world of analytics.

Join us in this ambitious journey. This position offers more than a job; it's a chance to reshape the industry, redefine the future of analytics, and be a part of a team that's pushing boundaries. Let's shape the future of analytics together.

USA Only

For roles in the US, applicants must be authorized to work in the US, as we are unable to provide employer sponsorship at this time.

CO Posting: The base pay range for candidates located in Colorado is $130,000-$170,000 (/yr). The salary of the finalist selected for this role will be based on a variety of factors, including but not limited to market location, internal equity, job-related knowledge, experience and training, education, skill sets, and other business and organizational needs. A bonus, equity, commissions, and restricted stock units may be provided as part of the compensation package, in addition to a full range of medical, financial, and/or other benefits, depending on the position offered. This position may be considered a promotional opportunity. The disclosed salary range represents an estimate of the base compensation for candidates who can or will be located in Colorado. This range may vary with respect to candidates whose primary work location is outside those jurisdictions.

NYC and CA Posting: The base pay range for candidates located in New York City and California is $130,000-$170,000 (/yr). The salary of the finalist selected for this role will be based on a variety of factors, including but not limited to market location, internal equity, job-related knowledge, experience and training, education, skill sets, and other business and organizational needs. The disclosed salary range represents an estimate of the base compensation for candidates who can or will be located in New York City or California. This range may vary with respect to candidates whose primary work location is outside those jurisdictions.