Technical Lead-Product Security 9/10/2016
San Francisco, CA
JOB DESCRIPTIONAPPLY As the Technical Lead for Product Security, you will lead the software security initiative within Synopsys' Software Security Group (SIG). This is a critical position within the business unit requiring in-depth application security knowledge, hands-on experience finding and fixing vulnerabilities, and the leadership skills necessary to define and guide our future security initiatives.
Synopsys has established itself as a major player in the Software Security industry with its acquisition of Coverity, Codenomicon, and Cigital. The security of our own applications is mission critical. In this role, you will own the growth of our Secure Software Development Lifecycle, lead application Penetration Tests and assessment efforts, and work with different developer groups within R&D to mitigate security issues.
Additional responsibilities include:
* Perform secure code reviews and penetration tests across a wide variety of products
* Build and update threat models and conduct architecture risk analysis activities
* Interact directly with development teams to help them understand and mitigate security issues
* Collaborate with the Security Research Lab to create new ways to detect and mitigate issues
* Create and implement new application security development initiatives
* Own the Incident Response process and lead Incident Response efforts
* Establish and track metrics that define and measure security excellence across the business unit
Desired Skills and Experience:
* Bachelor s or Master's degree in computer security or related fields with 5+ years of experience
* Demonstrated expertise in application security topics such as application (web, mobile, and/or embedded) security assessments
* Strong experience in Penetration Testing and Secure Code Review; Deep knowledge on mitigation techniques for security defects
* Experience with Threat Modeling and Architecture Risk Analysis
* Experience with a range of security analysis tools
* Strong communication skills, both verbal and written; ability to lead and coordinate discussions in a small group as well as present them in an organized fashion to larger groups
* Good interpersonal skills, with the ability to empathize with and mediate between engineering, customer, and management audiences
Synopsys offers the most comprehensive portfolio of software security solutions in the market. We go beyond traditional testing services to help our clients identify, remediate, and prevent vulnerabilities in the applications that power their business. Our holistic approach to application security offers a balance of managed and professional services and products tailored to fit your specific needs. We don t stop when the test is over. Our experts also provide remediation guidance, program design services, and training that empower you to build and maintain secure applications.