Principal Cyber Security Engineer
Pleasanton, CA

Job Description

Job Overview:

We are looking for a cloud security expert to lead the technical insight and industry perspective in the delivery of complex security solutions for our SaaS and mobile offerings. The ideal candidate will provide cloud product security and information security architecture direction, knowledge and assessments to Engineering teams.

Essential Responsibilities:

You are a skilled security practitioner who enjoys security work and is an expert in cloud product security principals. In this role, you will be consuming threat intelligence, conducting threat modeling and designing robust, resilient and secure cloud and mobile products working with leading cloud infrastructure providers.

In this role you will:

* Consult architect on security requirements and utilize best practices to meet them
* Drive tailored SDL practice into specific engineering
* Engage in domain-specific threat modeling and attack surface analysis/reduction
* Working with all scrum teams for security-focused design, to identify and ensure timely resolution of possible technical implications of each release
* Work with Engineering teams to lead initiatives and develop and build security utilities and tools that will enable ServiceMax to operate more securely
* Be able to comprehend common and complex protocols and crypto standards, and ability to guide implementations
* Define Security Architecture for ServiceMax Products and the planning and implementation of risk mitigating security solutions
* Build and maintain a robust security roadmap to meet customer demands and regulatory mandates
* Prepare reports at appropriate levels of confidentiality for stakeholders to view
* Responding promptly and in detail to customer-sponsored penetration tests
* Develop, maintain, and promote standards through workshops, knowledge shares and brown-bags
* Promotes best practices and full-stack design patterns

Basic Qualifications:

* Bachelor's Degree in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math)
* A minimum of 6 years of experience in threat management, vulnerability management, and information protection in a cloud environment.
* A minimum of 6 years of experience in cloud infrastructure, platform and software security consulting, design/architecture and assurance
* A minimum of 4 years of experience in security development life cycle (SDLC)
* Strong knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
* Identity management and identity federation (SAML, Oauth, SCIM, XACML)
* Able to design, develop and build automation to scale our security infrastructure
* Experience designing and implementing security controls in cloud platforms such as AWS, Azure and alike.
* Must be available for on call for potential security response
* Experience with the application of risk identification and evaluation techniques
* Advanced knowledge of Cyber Security and full knowledge of multiple related engineering functions
* Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment

Eligibility Requirements:

Legal authorization to work in the U.S. is required. ServiceMax may agree to sponsor an individual for an employment visa now or in the future if there is a shortage of individuals with particular skills. Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen.

Desired Characteristics:

* A High energy and a result-oriented approach
* Experience with and strong knowledge of Software Defined Network principles
* Contribute to and lead discussions and communications within the team and outside, including customers and other business units
* Partner with product owners in requirement gathering and vetting
* Foster a collaborative and cooperative team environment, encouraging input and participation from all members
* Significant experience in cryptography, network security or systems security
* Distributed computing, clusters, virtualization, high availability, load balancing
* Experience with Force.com and Salesforce.com AppExchange
* Deep understanding of security tools and technologies
* Experience in large enterprise and cloud environments
* Skilled at explaining complex technical issues in terms understandable by the business
* Excellent written and verbal communication skills, especially experience with executive-level communications
* Experience with web-based applications and/or web services-based applications, especially at massive scale
* Experience with Agile Management
* MS or PhD in Computer Science