MobileIron is the secure foundation of modern work. Think of the way you work today and how important the safety of your data has become. With today’s distributed workforce, for us to stay productive, it’s imperative that we can access our devices and data safely, anytime, anywhere. MobileIron provides that peace of mind to organizations and their employees – an always-on secure and convenient access, no matter what device you use or where you are. Chosen by over 17,000 global enterprises, MobileIron is the leading standalone Enterprise Mobility Management (EMM) and Unified Endpoint Management provider (UEM).
Following a 7-year leadership position in Gartner’s Magic Quadrant for EMM, in 2018, MobileIron was also recognized as a leader in Gartner’s inaugural Magic Quadrant for UEM.
Are you excited about winning in cloud, security, and mobility? We are looking for passionate people to help us build the next chapter of MobileIron. Join us as we rapidly innovate to meet the needs of our growing customer base.
Reporting to the SVP Engineering, this senior leader is responsible for execution of the organization’s defined security architecture. Providing security thought leadership across cloud domains and assures seamless integration into the enterprise security and risk framework. This is accomplished through a focus on people, process and automation.
Implements and operationalizes security requirements and business processes through pattern development aligned with the company security standards and policies. Partnering with cloud automation and application development teams the head of product security will design security patterns and deliver tools/code to integrate and automate AppDev security at scale. Lead the program to ensure the integrity of code: deployment and operationalization of effective controls for CICD pipelines including SAST, DAST practices.
The VP, Product Security role will participate with a team of engineers and architects in DevOps, Enterprise Security, Threat Management and Risk Management to ensure effective integration of the MobileIron products into an enterprise security framework. Assures compliance with requirements as a function of the ongoing cloud technology environment. Leads DevSecOps experts across applications and platforms. Ensure appropriate requirements are met for technology and business projects or other security topics.
You will be championing security throughout the software development life-cycle and oversee all security and vulnerability related initiatives for client and server components, including cloud-based products. Managing a team of talented senior security engineers distributed across multiple locations. You will be working with your peers in development to enforce as well influence security requirements. Bring a sense of purpose and passion to making MobileIron products secure.
What you’ll be doing…
- Responsible for the overall secure software development life cycle of products delivered by Development.
- Manage the day-to-day activities of the security engineering team within an Agile/Scrum environment
- Work closely with the developers to architect and implement the best technical design and approach to enhance the security of the products.
- Vulnerability Analysis and Security Incident Management - Evolve the incident management process to respond quickly and professionally to disclosure of vulnerabilities by customers, researchers and others in MobileIron products and underlying components.
- Drive Security testing using open source, commercial and proprietary tools. Engage external pen testing and security reviews.
- Communicate with prospects and customers about MobileIron security vision, architecture and implementation
- Work with Legal, PR and other groups to respond to any issues related to security of MobileIron products.
- Establish policies and procedures pertaining to data management, security, maintenance and utilization.
- Function as a change agent to enable the cloud and digital transformation initiatives from a security perspective.
- Support the adoption of Devops culture and practices through active thought leadership, talent acquisition, skills development, in cloud and devops mindset, technology and operating models.
- Drive adoption of security embedded in application and platform teams through training, awareness and integration of security principles into the CICD pipelines
- Partner with platform and development teams to assess and close gaps in cloud security posture across the security disciplines of IdAM, Network and Data protection, CICD, Infrastructure security, Vulnerability Management, Compliance validation, Incident response and logging/monitoring, Insider Risk management, etc.
Who you are...
- Strong interpersonal and communications skills; ability to work in a collaborative, team-oriented environment.
What you’ve done…
- 10+ years of relevant experience in Cyber Security, Identity and Access Management, Cloud IT security design, Technology Architecture and in conducting and designing risk assessments for technology. 3-5 years experience in DevSecOps.
- Hold one or more security certificates (CISSP, CRISC, CISA, CSA, CEH, CISM)
- Knowledge about emerging software delivery methodologies (Agile, Scrum & Kanban) & technologies
- Understanding of control and risk management concepts and knowledge of operational aspects of the information risk business.
- Deep understanding and experience working within the “Three Lines of Defense” model. Knowledge of financial services industry and its regulations/laws desirable.
- Leadership experience including influencing stakeholders and delivering on strategic priorities
- Possess deep understanding of best practices in securing the cloud security through effective combination of native and established security capabilities.
- Bachelor’s/Master’s Degree in Technology or equivalent experience.
Nice to Have Skills:
- Certifications - FedRAMP, MDMPP, SOC 2; Common-Criteria experience preferred
- AWS Security experience is a plus
* We are an EEO/AA Employer. Protected veterans and individuals with disability encouraged to apply.