Offensive Security Researcher
NVIDIA
Assembly
Director, Product and Application Security
SailPoint
full-time
Posted on:
Location Type: Hybrid
Location: Austin • Texas • 🇺🇸 United States
Visit company websiteSalary
💰 $163,200 - $303,200 per year
Job Level
Lead
Tech Stack
AWSAzureCloudCyber SecurityGoogle Cloud PlatformKubernetesSDLC
About the role
- Develop and lead the enterprise-wide product security and resilience strategy, aligning with business goals and regulatory requirements.
- Partner with Dev/Ops, engineering, product management, and infrastructure teams to integrate security into SDLC, DevSecOps, and CI/CD pipelines.
- Establish and oversee secure architecture patterns, threat modeling practices, and resilience engineering frameworks.
- Drive adoption of security automation, vulnerability management, and secure coding standards across product teams.
- Build and mentor a high-performing team of product security architects, engineers, and software security specialists.
- Monitor emerging threats, technologies, and compliance trends to proactively evolve the security posture.
- Collaborate with legal, compliance, and risk teams to ensure alignment with global standards and certifications.
- Define and track KPIs to measure program effectiveness and maturity.
Requirements
- 7+ years in leadership roles, preferably in product or application security.
- Certifications like CISSP, CISM, CISA, CEH, GCIH, GCIA, are beneficial.
- Experience with secure software development practices and tools.
- Experience and knowledge of artificial intelligence software security, including OWASP AI Security and Privacy Guide, NIST AI Risk Management Framework, Cybersecurity AI (CAI), Open SSF AI/ML Security Framework.
- Experience with regulatory frameworks (e.g., NIST, ISO 27001, GDPR).
- Strategic Vision & Execution - Ability to define and communicate a clear vision for product security and resilience aligned with enterprise goals.
- Influence & Collaboration – Demonstrable experience building strong partnerships across an organization to drive secure-by-design culture.
- Technical Leadership - Deep understanding of product security issues (like XXE, SSRF, Injections, etc.), modern software development (fully automated CI/CD, REST, OAuth2) including multi-cloud (AWS, Azure, GCP, Containers, Kubernetes) architectures, particularly Amazon Web Services, Kubernetes, and software bill of materials (SBOM).
- Manage entire lifecycle of security researcher findings, customer reported security questions, issues, incidents, associated CVE’s.
- Change Management – Experience leading organizational change initiatives to embed security and resilience into product development lifecycles.
- Experience building relationships with software engineering teams, including managing mature product security including final security reviews, and, risk-driven product scoring/metrics.
- Talent Development - Demonstrable experience building high-performing teams through coaching, mentoring, and career development.
- Risk-Based Decision Making – Experience making informed decisions through balancing business priorities, technical constraints, and risk exposure.
- Executive Communication – Experience communicating complex technical concepts and ongoing program updates clearly to non-technical stakeholders and executive leadership.
Benefits
- Health and wellness coverage: Medical, dental, and vision insurance
- Disability coverage: Short-term and long-term disability
- Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)
- Additional life coverage options: Supplemental life insurance for employees, spouses, and children
- Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account
- Financial security: 401(k) Savings and Investment Plan with company matching
- Time off benefits: Flexible vacation policy
- Holidays: 8 paid holidays annually
- Sick leave
- Parental support: Paid parental leave
- Employee Assistance Program (EAP) and Care Counselors
- Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options
- Health Savings Account (HSA) with employer contribution
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
product securityapplication securitysecure software developmentsecurity automationvulnerability managementsecure coding standardsthreat modelingresilience engineeringCI/CDDevSecOps
Soft skills
strategic visioninfluencecollaborationtechnical leadershipchange managementtalent developmentrisk-based decision makingexecutive communication
Certifications
CISSPCISMCISACEHGCIHGCIA
