Job Description Working within the Office of the CISO, this role will be responsible for helping SailPoint design, deploy and maintain security procedures, technologies and best practices, across its software development and SaaS operations activities. The successful candidate will work closely with our software engineering and product management groups to ensure that SailPoint products meet the highest standards of security. This person will also be responsible for working closely with our internal IT and SaaS DevOps teams to provide advice, consultation and implementation assistance for the confidentiality, integrity, and availability of our systems and data.
This is a highly diverse role, reporting directly to senior executive staff. The successful candidate must have strong security knowledge and excellent understanding of systems security engineering concepts, principles and theories. At the same time, the candidate must possess good interpersonal, organizational, and team-building abilities, strong written, oral and presentational skills, and capacity to work effectively as part of a matrixed team that spans our technology and our business. The right candidate will be hands-on with the latest security tools and technologies and will possess the tact and knowledge to help advise, consult and collaborate with others responsible for the deployment and maintenance of cybersecurity technologies and best practices. In short, we are looking for someone to be a subject matter expert and focal point for security technologies and best practices across the company.
- Working knowledge of layered security architectures and designs
- Familiarity with network vulnerability assessment tools and techniques
- Understanding of requisite IDS/IPS, log and monitoring technologies
- Strong understanding of web application vulnerability assessment methodologies and tools
- Working knowledge of DevOps and cloud deployment methodologies
- Ability to work in close collaboration with business, IT and operations staff to ensure security controls are implemented and tested
- Participate in requirements definition, selection, and implementation of security technologies
- Help define and deliver security response procedures and select appropriate supporting technologies
- Participate in regular penetration testing and vulnerability assessment activities
- Investigate and help respond to internal security issues, alerts and actions
- Stay up to date with emerging security trends
5+ years Information Technology experience, including 3+ years Information Security experience 2+ years experience in Infrastructure, Application, and Database security at an enterprise level BA/BS degree or equivalent experience