Job Directory Senior Product Security Engineer, Remediation Management - San Mateo, CA

Senior Product Security Engineer, Remediation Management - San Mateo, CA
San Mateo, CA

Companies like
are looking for tech talent like you.

On Hired, employers apply to you with up-front salaries.
Sign up to start matching for free.

About

Job Description

Title: Senior Product Security Engineer - Remediation Management

This role is responsible for collaborating with security and technology partner teams to secure infrastructure, products and applications across Guidewire's fast-growing customer facing cloud-based environments and the global IT enterprise infrastructure. Security is a critical part of the Guidewire business and product strategy and you would be working with a team of security professionals helping to protect our brand, reputation, and intellectual property.

* You will support an Information Security Product Security program through a close working relationship with the Senior Manager of Product Security and many technology partner teams including infrastructure, engineering, operations and product development.
* You will additionally be responsible for the full Lifecyle of the Vulnerability Remediation Management program.

Key responsibilities: (Can Include, But Are Not Limited To)

* Work to create, leverage automation, continuously develop, maintain and mature the Vulnerability Remediation Program at Guidewire
* Be a resourceful part of the product security team and independently responsible for the following:
* Document and analyze security test results in the Vulnerability Management Workflow
* Risk based planning and prioritization
* Effectively communicate and work closely with technology partners, teams and business units to coordinate and drive resolution of identified vulnerabilities within defined timelines as per Guidewire policy.
* Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines
* Identify and resolve any false positive vulnerabilities in assessment results, if any.
* Collaborate with Guidewire Risk Management team to open, track and close risk issues for vulnerabilities that fail to adhere Guidewire defined remediation timelines.
* Develop comprehensive, accurate, actionable reports / dashboards and presentations for both technical and executive audiences
* Ensure knowledge creation around common vulnerabilities within the Guidewire landscape and corresponding remediation practices.
* Recommend appropriate policy, standards, process and procedural updates as required.

Skills and Experience:

* Preferred 7 years of hands-on experience in application and network vulnerability risk management and providing remediation recommendations.
* Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security.
* Experience with cloud service providers and their offerings, preferably AWS
* Strong understanding of vulnerabilities, common attack vectors and has attacker mindset: ability to think about creative threats and attack vectors.
* Strong communication (i.e., written and verbal), presentation skills, teamwork, and resourcefulness
* Preferred Certifications: CEH, CISSP, AWS Solutions Architect, or equivalent.

Let your dream job find you.

Sign up to start matching with top companies. It’s fast and free.